Here  comes  Juniper  The  company's  enterprise 

network  ambitions  have  gotten  the  industry's  attention.  PAGE  10. 


Wireless  world  Companies  start  to  cut  cords  on 

sensor  networks.  PAGE  10.  WiMax  makes  its  move.  PAGE  37. 
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City-owned  utility  plans  to  run  fiber 
to  every  home,  giving  teleworkers  100M 
bit/sec  connections  to  the  office. 


Compliance  costly 

Network  World  survey  finds  urgency,  increased  spending. 


■  BY  CARA  GARRETSON 

Keeping  pace  with  ever-more- 
stringent  federal  regulations  has 
rocketed  to  the  upper  reaches  of 
network  executives’  concerns, 
according  to  the  10th  annual 
Network  World  500  survey 

About  60%  of  respondents  said 
ensuring  compliance  with  regula¬ 
tions  over  the  next  12  months  is 
“extremely  important,”  while  only 
2%  said  the  issue  isn’t  important 
at  all.  This  was  the  first  year  this 
issue  was  raised  in  the  survey 
which  was  conducted  jointly  by 
Network  World  and  Research 
Concepts  and  polled  500  network 
IT  executives. 


IT  and  the  law 

Will  your  organization 
engage  in  any  appli¬ 
cation  deployments 
or  upgrades  as  a  result 
of  new  regulatory 
initiatives? 

Number  of  respondents:  125 

SOURCE:  NETWORK  WORLD  500  SURVEY 

Nearly  half  of  the  respondents 
said  they  will  upgrade  their  appli¬ 
cations  or  purchase  new  applica¬ 
tions  this  year  to  ensure  compli¬ 
ance  with  regulations,  including 
the  Health  Insurance  Portability 
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and  Accountability  Act  (HIPAA) 
and  the  Sarbanes-Oxley  Act.  IT 
executives  also  are  examining 
data-handling  processes  and 
information  storage  to  be  sure 
See  NW500,  page  20 


Within 
1  to  2 
years 

10% 


Not  sure 

7% 


Within  the  next 


MPLS  adds  lift  to  Boeing  net 


■  BY  PHIL  HOCHMUTH 

For  a  jumbo  corporation  such 
as  Boeing,  becoming  a  smaller, 
leaner  organization  might  seem 
like  a  flight  of  fancy 

But  the  aerospace  giant  has 
made  that  aspiration  a  reality  in 
part  by  building  a  converged, 
multi-service  network  based  on 


i 

. 

ILessons Tromleading  users 
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Multi-protocol  Label  Switching 
(MPLS)  technology,  which  lets 
Boeing  employees  do  more  with 
less.  For  example,  in  the  past  few 


BELIEF  IS  ON  THE  WAY.  kt  GoRemOte 

www.GoRemote.com  For  the  everywhere  enterprise. 


years,  the  average  profit  brought 
in  per  worker  increased  by  67%, 
the  company  says.  Meanwhile, 
Boeing’s  workforce  is  17%  small¬ 
er  today  than  in  2001  and  aver¬ 
age  network  usage  per  employee 
(measured  in  megabits  per  sec¬ 
ond)  has 

climbed  250% 
since  2002,  ac¬ 
cording  to  the 
company. 

Boeing’s  ad¬ 
vanced  network 
architecture  also 
makes  it  easier 
to  collaborate  electronically  with 
third-party  partners  —  and  the 
company  relies  on  them  now 
more  than  ever. 

“This  is  an  indication  that 
we  have  become  more  of  an 

See  Boeing,  page  76 


■  More 
user  news: 
Montgomery 
County,  Pa., 
revamps  net¬ 
work  infra¬ 
structure  to 
save  millions. 
Page  21. 
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A  Wider  Net 

A  history  of  singing 
the  Big  Blues 

Before  there  was  Notes,  there 
was  the  IBM  songbook. 

■  BY  DENI  CONNOR 

y°u  neec*  a  ^ew  coc^ta'ls  before 
OU  you’ll  risk  singing  the  ol’ college  fight  song?  Be 
thankful  you  didn’t  work  for  IBM  in  a  bygone  era  that 
saw  Big  Blue  make  an  art  form  of  corporate  “fellowship 
songs.”  Sing  for  their  supper  they  did  —  with  feeling. 

Times  were  bad  —  the  U.S.  was  embroiled  in  an  eco¬ 
nomic  recession  and  one-quarter  of  the  U.S.  workforce 
was  unemployed.  IBM  founder  Thomas  Watson  Sr.,  in 
order  to  keep  employees  motivated,  collected  songs 
employees  had  written  about  IBM  into  a  book  dubbed 
Songs  of  the  IBM,  which  the  company  published  in 
1927. 

Watson  felt  that  song  singing  was  a  way  to  build 

See  IBM,  page  18 
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Introducing  the  new  Microsoft  Office  System. 

Now  users  can  do  more  for  themselves  so  you  can  focus 
on  the  important  things.  More  than  just  the  core  suite 
you're  familiar  with,  the  new  Microsoft®  Office  System  is 
an  integrated  system  of  easy-to-use,  expanded  programs, 
servers,  services,  and  solutions  that  help  end  users  be 
more  self-sufficient.  With  Microsoft  Office  Professional 
Edition  2003,  Microsoft  Windows®  SharePoint™  Services, 
and  Microsoft  Office  SharePoint  Portal  Server  2003,  end 
users  will  have  the  ability  to  create  and  manage  their 
own  team  work  spaces.  So  not  only  will  they  be  able 
to  collaborate  and  share  information  easily  and  more 
securely,  but  you'll  be  free  to  do  what  you  really  need  to 
do.  To  find  out  how  the  Microsoft  Office  System  can 
work  for  you,  go  to  microsoft.com/officelT 


More  than  what  it  used  to  be,  it's  now  a 
comprehensive,  customizable  system. 


Servers 


Microsoft 
Office  System 

Programs 

Access  2003 
Excel  2003 
FrontPage®  2003 
InfoPath™  2003 
OneNote™  2003 
Outlook®  2003 


PowerPoint®  2003 
Project  2003 
Publisher  2003 
Visio®  2003 
Word  2003 


Project  Server  2003 

Live  Communications 
Server  2003 

Exchange 
Server  2003 

SharePoint™  Portal 
Server  2003 


Services 

Live  Meeting 
Office  Online 

Solutions 

Solution  Accelerators 


Enabling  Technologies: 

Windows  Server™  2003,  Windows®  SharePoint  Services, 
Rights  Management  Services 


Microsoft* 
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Great  Moments  at  Work 


Sun  Java'  Enterprise  System. 

Everything  you  need  to  run  your  business.  Email,  instant  messaging,  calendar,  application  server, 
portals,  network  identity,  clustering,  web  server,  security,  enterprise  messaging,  interoperability,  web 
service  delivery,  directory,  firewalls,  streaming  video,  grid  computing  and  more  -  all  for  a  single 
price  of  $1 00/employee/year,1  with  an  unlimited  right  to  use.  All-inclusive,  no  hidden  costs.  Software, 
service  and  support  included.  Our  bet  is  that  you  never  spend  too  much  on  IT  again. 

Purchase  a  subscription  to  the  Java  Enterprise  Developer  Promotion  and  get  a  free  Sun  Fire™  V20 z 
AMD  Opteron -based  server  today.2 


THE  BLUEPRINT  IN  THE  BACKGROUND  DEMONSTRATES  THE  WORLD-C 
AND  ARCHITECTURE  OF  THE  SUN  JAVA  ENTERPRISE  SYSTEM.  TODAY,  50 
JAVA  ENTERPRISE. SYSTEM  TO  DELIVER  NETWORK  SERVICES  TO  OVER  11 
AND  MILLIONS  OF  THEIR  CUSTOMERS  WHILE  SLASHING  IT  COSTS. 


EMPLOYEES 


FIND  OUT  HOW  MUCH  YOU  CAN 

GET  AND  HOW  MUCH  YOU  CAN  SAVE  AT: 

SUN.COM/JES 


microsystems 

The  Network  is  the  Computer 


I  PRICING  IS  U  S.  USI  PRICE  All  PRICES  ARE  QUOTED  IN  US  DOLLARS.  2  OFFER  VALID  IN  THE  U  S  AND  THROUGH  SUN  STORE  ONLY.  PROMOTION  VALID  THROUGH  JUNE  30.  2004.  FOR  A  LIMITED  TIME  ONLY  GET  THE  JAVA  ENTERPRISE  DEVELOPER  PROMOTION 
A  VALUE  OF  OVER  U  S  $7000,  FOR  ONLY  U  S.  $1499  PER  YEAR  FOR  A  3-YEAR  SUBSCRIPTION.  SEE  WEBSITE  FOR  DETAILS. 

«  2004;SUN  MICROSYSTEMS  INC  ALL  RIGHTS  RESERVED  SUN.  SUN  MICROSYSTEMS.  THE  SUN  LOGO.  JAVA.  THE  JAVA  LOGO,  SUN  FIRE  AND  THE  NETWORK  IS  THE  COMPUTER  ARE  TRADEMARKS  OR  REGISTERED  TRADEMARKS  OF  SUN  MICROSYSTEMS  INC  IN 
THE  UNITED  STATES  AND  OTHER  COUNTRIES 
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10  Next  frontier  for  wireless:  Sensor  networks. 

10  Industry  awaits  Juniper’s  next  enterprise  move. 

12  NEC  introduces  Itanium  blade  servers. 

12  IBM  hooking  .Net  into  access  management. 

12  IBM  improves  data  integration  package. 

15  Sun  to  rein  in  R&D  spending,  expand  partnerships. 

17  Tropos  Networks  boosts  outdoor  wireless  LAN  system. 
17  Microsoft  extends  business  intelligence  tools. 

19  Conferencing  vendors  to  demo  wares  at  Infocomm. 

20  EMC  upgrades  Centera  storage  software. 

78  Cisco,  Trend  Micro  team  to  fight  worms. 


Features 


Face-Off 


It's  Zenas  vs.  Zeus!  The  Yankee  Group's  Zeus  Kerravala  takes  the  negative  and  Zenas 
Hutchinson  of  St.  Paul  Venture  Capital  takes  the  pro  position  on  the  issue  of  whether 
open  source  IP  telephony  is  ready  for  prime  time.  Page  56. 


Hutchinson  Kerravala 


Iceland  is  hot  for  fiber  to  the  curb 

Reykjavik  is  leading  the  way  in  delivering  fiber  to  every  house  in  the  city;  teleworkers  will  enjoy  100M  bit/sec  connections. 

Page  59. 

ProductPeek  Product  Peek 

McAfee's  Protection  Pilot  is  a  low-end  anti-virus  management  tool  that  shines.  Page  62. 


Infrastructure 

■  21  Under  pressure:  Pa.  county 
upgrades  network  and  saves. 

■  21  Sun  CTO  talks  interconnects. 

■  24  Vendors  offer  tools  to 
control,  secure  WLANs. 

■  24  Kevin  Tolly:  VoWLAN:  Two 
degrees  of  separation. 

Enterprise 

Applications 

■  29  Google  upgrades  search 
appliance. 

■  29  Start-up  picks  up  bad 
behaviors. 

■  32  DataPower,  Reactivity  add  to 
their  XML  security  line. 

■  32  Netegrity  updates  eProvision 
product. 

■  33  Scott  Bradner: 

Maintaining  general  unreachability. 

■  34  Special  Focus:  Identity 
management  takes  on  new  shape. 

Service  Providers 

■  37  WiMax  starting  to  make  its 
move  as  alternative  to  DSL. 

■  37  Axiowave  Networks  unveils 
‘TDM-grade’  core  router. 

■  38  Johna  Till  Johnson: 

'Net  was  bom  of  economic  necessity, 
not  Cold  War  fears. 


NetWorker 

■  41  Pushing  for  fair  telework 
taxation. 

■  44  Toni  Kistner:  New  OPM 

report  links  telework  to  emergency 
preparedness. 

Technology 

Update 

■  46  Web  Services  Security  pro¬ 
tects  SOAP  messages. 

■  46  Steve  Blass:  Ask  Dr 

Internet. 

■  48  Mark  Gibbs:  RSS  technol¬ 
ogy,  the  really  final  take.  Really. 

■  48  Keith  Shaw:  Cool  tools, 
gizmos  and  other  neat  stuff. 

Opinions 

■  52  On  technology:  A  few 

Interop  notes  worth  sharing. 

■  53  Chuck  Yoke:  Take  a  SIP, 
but  don't  bury  H.323. 

■  53  Winn  Schwartau:  A  tale 
of  stupidity  and  liability. 

■  80  BackSpin:  Worrying  about 
the  'Seven  Ugly  Dwarves.' 

■  80  'Net  Buzz:  Online  forums 
offer  more  than  just  noise  for 
companies  willing  to  listen,  MIT 
researcher  says. 

■  70  Career  classifieds. 

Management 

Strategies 

■  65  Worth  the  wait:  Security 
clearances  take  more  than  a  year  to 
obtain,  but  federal  IT  work  pays  well. 

Lexmark  launches  space-saving  desk¬ 
top  printers.  Page  48. 
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I  Exclusive 

Network  World  Fusion  Radio: 
Wireless/mobile  at  UPS 

Network  World  Senior  Writer  Denise  Dubie  talks  to  Cathy  Callagee,  vice 
president  of  IS  at  UPS,  about  her  company's  use  of  wireless  and  mobile 

products.  DocFinder:  2342 

Network  World  Fusion  Radio:  Cheap  servers 

llluminata  analyst  Tom  Deane  talks  about  which  vendor  —  Dell,  HP, 
IBM  or  Sun  —  offers  the  least  expensive  Intel-based  server.  The 
results  might  surprise  you.  DocFinder:  2336 

Vulnerability  feed 

Need  to  know  about  the  latest  viruses,  worms  and  holes?  Our  new 
Vulnerability  Feed  scours  the  'Net  several  times  a  day  for  the 
information  you  need.  DocFinder:  2239 

Network  Encyclopedia 

Get  definitions  for  the  technologies,  hardware,  protocols,  standards 
and  more  behind  networking.  DocFinder:  5548 

!  Seminars  and  Events 

j - 

Are  you  totally  secure  in  your  enterprise 
security  management? 

Are  you  managing  your  network  as  a  security  intelligence  asset?  Find 
out  how  and  get  the  answers  you  need  at  Enterprise  Security: 
Fail-Safe  Architecture,  a  new  Network  World  Technology  Tour  Event. 
Click,  qualify  and  attend  free. 

DocFinder:  1856 


■  CONTACT  US  Network  World,  118Turnpike  Road,  Southborough, 
MA  01772;  Phone:  (508)  460-3333;  Fax:  (508)  490-6438; 

E-mail:  nwnews@nww.com;  STAFF:  See  the  masthead  on  page  18 
for  more  contact  information.  REPRINTS:  (717)  399-1900 

SUBSCRIPTIONS/CHANGE  OF  ADDRESS:  Phone:  (508)  490-6444; 
Fax:  (508)  490-6400;  E-mail:  nwcirc@nww.com; 

URL:  www.subscribenw.com 


!  Columnists 

Wireless  Wizards 

Implementing  QoS  in  a  WLAN 

The  Wizards  answer  a  reader  who  asks:  "Would  you  agree 
that  frame/cell  tagging  'over  the  air'  be  better  referred  to 
as  class  of  service  instead  of  QoS?"  DocFinder:  2337 

Nutter's  Help  Desk 

Moving  time 

Columnist  Ron  Nutter  helps  a  reader  move  a  Web  site  to  a  new 
server.  DocFinder:  2338 

Security  notes 

Shoring  up  security 

Senior  Editor  Ellen  Messmer  says  from  the  innovations  in  the 
high-tech  industry,  the  net-based  security  policy  check  could 
become  a  more  commonplace  practice.  DocFinder  2339 

Small  Business  Tech 

Remote-access  recipes,  Part  3 

Columnist  James  Gaskin  looks  at  online  storage  services. 

DocFinder:  2340 

HomeLAN  Adventures 

The  network  guilt  trip 

Columnist  Keith  Shaw  wonders:  “Should  vendors  make 
assumptions  about  the  age  of  your  home  network?  Should 
you  assume  new  devices  will  only  work  optimally  if  you're 
running  the  latest  and  greatest  gear?"  DocFinder  2340 

Breaking  News 

Go  online  for  breaking  news  every  day.  DocFinder:  6342 
Free  e-mail  newsletters 

Sign  up  for  any  of  more  than  40  newsletters  on  key  network  topics. 

DocFinder:  6343 

What  is  DocFinder? 

We’ve  made  it  easy  to  access  articles  and 
resources  online.  Simply  enter  the  four-digit 
DocFinder  number  in  the  search  box  on  the 
home  page,  and  you’ll  jump  directly  to  the 
requested  information. 
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News 


SB  Sanjay  Kumar,  Computer  Associates’  chief  software  architect 
and  former  CEO,  has  left  the  company.  Kumar  already  had 
stepped  down  as  CAs  chairman  and  CEO  in  April,  after  questions 
about  his  role  in  an  accounting  fraud  that  saw  CA  record  revenue 
before  contracts  were  finalized  to  inflate  quarterly  financial 
results.  The  scheme  took  place  during  CAs  2000  and  2001  fiscal 
years,  and  affected  revenue  of  $2.2  billion.  Investigations  by  the 
Securities  and  Exchange  Commission  and  the  Department  of 
Justice  into  CAs  accounting  practices  continue,  even  after  three 
former  executives  pleaded  guilty  in  April  to  criminal  charges 
related  to  improper  accounting.  “This  could  be  seen  as  an  indi¬ 
cation  that  [Kumar]  will  be  indicted;  otherwise  there  was  no 
apparent  reason  for  him  to  leave,”  says  Richard  Ptak,  a  partner 
with  consultancy  Ptak,  Noel  &  Associates.“The  immediate  impact 
will  be  felt  more  in  management  and  the  financial  markets  than 
in  the  product  side  of  things.” 

Government  report  laments  patch  problems 

■  The  U.S.  government’s  General  Accounting  Office  last  week  issued  a  report  entitled 
“Continued  Action  Needed  to  Improve  Software  Patch  Management”  that  concluded 
that  23  federal  agencies  and  the  Department  of  Homeland  Security  could  be  doing  a 
lot  better  job  in  applying  software  patches. The  GAO  acknowledged  the  patch-update 
challenge  is  one  federal  agencies  can’t  solve  on  their  own  and  the  IT  industry  needs 
to  do  more  to  facilitate  the  process.  The  GAO  is  recommending  the  Office  of 
Management  and  Budget  provide  guidance  to  agencies  that  would  require  them  to 
report  on  their  patch-management  practices  in  their  annual  Federal  Information 
Security  Management  Act  reports.  The  GAO  also  wants  to  determine  the  feasibility  of 
providing  centralized  patch  management  services  to  federal  civilian  agencies  —  even 
though  one  attempt  by  the  government  to  do  that,  which  was  initiated  by  the  Federal 
Computer  Incident  Response  Center,  was  discontinued. 


“We  had  these  neat  signs 
printed  in  China.  Got  a 
great  price  on  them!” 


Layer 


Each  week  we 
outsource  the 
captioning  to 
you.  Be  like 

Edward  McNally,  who  submitted  the  above  -  write  something 
funny,  win  something  cool.  New  contests  start  each  Monday. 
www.nwfusion.com/weblogs/layer8 


Former  Symbol  execs  face  fraud  charges 

■  Seven  former  top  executives  at  Symbol  Technologies  were  arraigned  last  week  on 
federal  charges  of  “massive  corporate  fraud.”  An  indictment  charged  the  former  CEO, 
CFO  and  several  former  vice  presidents  with  a  variety  of  fraudulent  practices  that 
inflated  the  wireless  LAN  vendor’s  earnings  from  1999  to  2002  by  more  than  $200 
million.  Five  other  former  executives  previously  pleaded  guilty  to  conspiracy 
charges  arising  out  of  the  same  investigation.  No  charges  were  filed  against  Symbol 
and  its  current  management.  But  President  and  CEO  William  Nuti  and  Board 
Chairman  Salvatore  Iannuzzi  signed  agreements  with  the  U.S.  Attorney’s  office  and 
the  SEC  to  pay  $139  million  to  compensate  shareholders  for  losses  connected  to  the 
swindle.The  ex-executives  named  in  the  indictment  include  Tomo  Razmilovic,  pres¬ 
ident  and  CEO,  and  Kenneth  Jaeggi,CFO. 

Oracle  showdown  with  D0J  set  to  begin 

■  Oracle  and  the  Department  of  Justice  are  heading  to  court  this  week  to  do  battle 
over  the  software  maker’s  hostile  takeover  bid  for  PeopleSoft.a  deal  the  government 
says  would  choke  competition  in  the  enterprise  applications  market  and  lead  to 
higher  prices  for  customers.  Lawyers  for  the  two  sides  are  due  to  present  opening 
arguments  today  in  a  federal  court  in  San  Francisco.  Each  side  then  gets  two  weeks 
to  present  its  case.  The  trial  is  expected  to  last  about  a  month,  and  government 
sources  said  they  expect  a  verdict  fairly  quickly,  perhaps  as  soon  as  August.  If  either 
side  appeals,  however,  the  drama  could  drag  out  until  next  year. 

India  outsourcing  revenue  still  climbing 

■  Despite  protests  in  Europe  and  the  U.S.  against  outsourcing  and  the  moving 
of  jobs  to  India,  the  country’s  software  services  and  business  process  outsourcing 
services  business  is  booming,  according  to  data  released  last  week  by  the  National 
Association  of  Software  and  Service  Companies  in  Delhi.  India’s  software  and 
services  exports  business  recorded  revenue  of  $12.5  billion  in  the  year  to  March  31, 
up  by  30.5%  over  revenue  of  $9.6  billion  in  the  previous  fiscal  year,  according 
to  NASSCOM.  The  U.S.  and  U.K.  markets  accounted  for  about  85%  of  revenue. 
India’s  software  and  services  exports  are  projected  to  grow  by  about  32%  in  the 
year  to  March  31,  2005,  to  reach  revenue  of  more  than  $16.3  billion,  according  to 
NASSCOM. 


Kumar  calls  it  quits  at  CA 


Cisco  routers  can  be  found  just  about 
everywhere  on  Earth,  and  now  they're 
about  to  make  one  giant  leap  for  IP 
routing.  NASA  is  planning  a 
demonstration  this  month  of  a  Cisco 
router  in  space  —  on  a  satellite 
in  low  Earth  orbit  —  for  secure 
networking  between  mobile  devices  on 
the  ground,  * 


An  executive  from.  Citadel  Security  Software 
pointed  to  offshore  software  development  as  one  - 
reason,  for  security  vulnerabilities  in  a  hearing  last  i 
week  before  a  U.S.  House  subcommittee.  “Software  / 
development  organizations  should  be  required  to  / 
have  all  overseas-developed  software  examined .  I  , 
for  malicious  capabilities  embedded  in  the  code,"  said 
Citadel  CEO  Steve  Solomon.  “Industry  and  government 
must  work  together  to  develop  some  form  of  standard 
or  review  process  to  address  this  growing  threat." 
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Three  vendors  teamed  up  to  issue  a  press  release 
last  week  touting  the  use  of  their  wireless  LAN  and  video  surveillance  technology 
at  the  Scott  Peterson  murder  trial  in  California.  It  remains  to  be  seen  how  the  jury 
.  will  find  Peterson,  but  these  vendors  are  clearly  guilty  of  lame  PR. 


FINALLY  A  WAY  TO  DETECT, 
ISOLATE,  AND  ELIMINATE 
VIRUSES  AND  WORMS 
AT  THE  NETWORK  LAYER. 
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April  22.  2003 
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Next  frontier  for  wireless:  Sensor  networks 


fcfc  Wireless  sensors  won  t  make  for  a 
breakthrough  in  capabilities,  but  well  be 
able  to  install  these  systems  much  less 
expensively.  9  9 

Ken  McCoy 

General  manager,  Tyco  Thermal  Controls 


■  BY  JOHN  COX 

Wireless  sensors  finally  are 
moving  from  starry-eyed  predic¬ 
tions  to  hard-eyed  but  limited 
production. 

As  a  result,  network  executives 
eventually  can  expect  to  see 
whole  new  classes  of  objects  on 
their  networks:  pipe  heaters,  air 
conditioners,  electric  pumps 
and  even  grapes. 

Wired  sensor  networks  have 
been  around  for  decades,  with 
an  array  of  gauges  measuring 
temperature,  fluid  levels,  humid¬ 
ity  and  other  attributes  on  pipe¬ 
lines,  pumps,  generators  and 
manufacturing  lines.  Many  of 
these  run  as  separate  wired  net¬ 
works,  sometimes  linked  to  a 
computer  but  often  to  a  control 
panel  that  flashes  lights  or 


sounds  an  alarm  when  a  temper¬ 
ature  rises  too  high  or  a  machine 
vibrates  too  much.  Also  wired  in 
are  actuators,  which  let  the  con¬ 
trol  panel  slow  down  a  pump  or 
turn  on  a  heater  or  a  fan  in 
response  to  the  sensor  data. 

Now  advances  in  silicon  radio 
chips,  coupled  with  cleverly 
crafted  routing  algorithms  and 


network  software  are  promising 
to  eliminate  those  wires,  and 
their  installation  and  mainte¬ 
nance  costs  (see  graphic,  page 
78).  Mesh  network  topologies 
will  let  these  wireless  networks 
route  around  nodes  that  fail  or 
whose  radio  signal  is  hammered 
by  interference  from  heavy 
equipment.  A  gateway  will  create 


a  two-way  link  with  legacy  con¬ 
trol  systems,  hosts,  wired  LANs  or 
the  Internet. 

This  combination  of  sensors 
and  low-power  wireless  network¬ 
ing  “give  inanimate  things  an 
identity”  says  lan  McPherson, 
president  of  Wireless  Data 
Research.  “You  can  ascribe 
things  like  attributes,  location 
and  a  history  to  an  object.” 
Wireless  sensors  will  slash  the 
costs  of  collecting  this  data,  ana¬ 
lyzing  it  and  acting  on  it,  he  says. 

These  networks  can  use  several 
different  wireless  technologies, 
including  IEEE  802.11  wireless 
LANs,  Bluetooth  and  radio  fre¬ 
quency  identification  (RFID).  But 
right  now  most  of  the  action  is 
with  low-power  radios  that  have 
a  range  of  about  30  to  200  feet 
and  data  rates  of  up  to  around 


300K  bit/sec.  Most  of  these,  with 
their  accompanying  network  soft¬ 
ware  and  APIs,  are  proprietary 
products. 

But  the  IEEE  last  year  approved 
the  802.15.4  low-rate  standard  for 
a  simple,  short-range  wireless 
network  whose  radio  compo¬ 
nents  could  run  several  years  on 
a  single  battery.  The  ZigBee 
Association,  a  group  of  vendors, 
anticipates  finalizing  by  year-end 
an  industry  specification  for  the 
network  software  that  will  run  on 
the  802.15.4  radio  chips. 

“Over  the  next  12  months,  the 
wireless  trials  will  move  to  limit¬ 
ed  deployments, and  they’ll  be  in 
areas  like  environmental  condi¬ 
tion  monitoring  and  meter  read¬ 
ing,"  McPherson  says. 

Several  vendors  confirm  that 
See  Sensors,  page  78 


Industry  awaits  Juniper's  next  enterprise  move 


■  BY  JIM  DUFFY 

Juniper’s  entry  into  the  enter¬ 
prise  market  is  based  on  much 
more  than  expanding  its  revenue 
opportunity 

A  presence  in  this  market  is  key 
to  fulfilling  Juniper’s  Infranet 
Initiative,  an  effort  to  coalesce 
the  industry  around 
standards  for  securely 
transacting  business 
across  the  Internet  and 
making  money  from  IP 
services.  One  of  the  initiative’s 
two  chief  standards-based  com¬ 
ponents  is  an  interface  between 
corporations  and  the  carrier 
network. 

The  enterprise  market  also  is 
ripe  for  Juniper  because  there  is 
no  clear  competitor  to  Cisco  in 
carrier  routing.  The  companies 
chasing  Cisco  all  have  Ethernet 
switch  market  shares  in  the  low- 
to  mid-single  digits  compared 
with  Cisco’s  70%. 

Juniper  also  would  have  a 
credible  end-to-end  offering  to 
pitch  against  Cisco.  The  end-to- 
end  system  approach  is  more 
profitable  than  selling  disparate 
boxes,  analysts  say 

However,  Juniper  has  a  way  to 
go  to  match  the  breadth  of 
Cisco’s  LAN/WAN  product  line. 
The  $4  billion  acquisition  of  fire¬ 
wall  and  VPN  vendor  NetScreen 
Technologies  early  this  year  is 
only  the  first  step. 

“NetScreen  provides  us  with 


the  ability  to  secure  the  enter¬ 
prise  infrastructure,”  Pradeep 
Sindhu,  Juniper  vice  chairman, 
founder  and  CTO,  said  during  an 
interview  with  Network  World 
two  weeks  ago,  in  which  he 
explained  NetScreen’s  role  in  the 
Infranet  Initiative. 

Another  step  is  to  make  some 
enterprise  infrastruc¬ 
ture.  That  is  also  impli- 

ANALYSIS  cit  in  Juniper’s  Infranet 

Initiative. 

“When  you  have  to 
protect  the  infrastructure  that’s 
inside  the  enterprise  network  — 
these  devices  are  going  to  live  in 
the  enterprise  network,  so  to  that 
extent,  of  course,  we’re  addressing 
the  enterprise  market,”  Sindhu 
said. 

Speculation  within  the  industry 
has  it  that  Juniper  will  more  firm¬ 
ly  root  itself  in  the  enterprise 
market  through  the  acquisition 
of  Ethernet  LAN  switch  player 
Extreme  Networks.  And  Juniper 
is  believed  to  be  close  to  unveil¬ 
ing  a  line  of  enterprise  access 
and  branch-office  routers  that 
utilize  NetScreen’s  VPN  and  fire¬ 
wall  capabilities. 

It  is  unclear  if  these  routers, 
code-named  Pepsi,  will  have  an 
initial  version  of  the  Infranet 
Initiative-standard  interface. 
Juniper  did  not  respond  to 
requests  for  comments  on  Pepsi 
or  Extreme. 

Juniper’s  reported  interest  in 
Extreme  is  based  on  several  fac¬ 


tors:  The  other  ven¬ 
dors  —  3Com, 

Enterasys  Net¬ 
works,  Foundry 
Net  works,  HP  and 
Nortel  —  are  either 
too  big,  too  expen¬ 
sive,  unhealthy  or 
unfit.  Extreme’s 
market  cap  is  a  rel¬ 
atively  affordable 
$700  million. 

Also,  Juniper  has  a 
relationship  with 
Extreme. 

“All  of  the  ingredi¬ 
ents  are  there,”  says 
Michael  Howard, 
principal  of  Infonetics  Research. 
“Extreme,  NetScreen  and  Juniper 
have  approached  companies  to¬ 
gether,  and  have  been  working 
together  for  a  long  time.” 

Extreme  also  has  a  strategic 
alliance  with  Avaya  that  would 
give  Juniper  access  to  enterprise 
VoIP  opportunities  with  Cisco’s 
rival  in  that  market.  But  Extreme 
wasn’t  Juniper’s  first  choice, 
according  to  one  analyst. 

“I  heard  through  the  grapevine 
that  they  made  a  $500  million 
offer  to  ForcelO  [Networks], 
which  ForcelO  turned  down,” 
says  Zeus  Kerravala,  analyst  with 
The  Yankee  Group. 

Sindhu  played  down  the  enter¬ 
prise/service  provider  market 
distinction,  as  Juniper  did  when 
it  announced  the  Infranet  Init¬ 
iative  last  fall. 


“It’s  not  so  much 
the  enterprise  mar¬ 
ket  and  the  service 
provider  market  as 
it  is  the  emergence 
of  a  virtual  net¬ 
work,”  he  said. 
“What  you  want  to 
do  is  you  want  to 
provide  a  certain 
set  of  communica¬ 
tions  services  and 
you  [the  services 
provider]  don’t 
particularly  care 
where  the  physical 
devices  that  pro¬ 
vide  the  service 
are.  In  fact,  you’d  like  to  not  know 
about  that.” 

But  those  devices  have  to  be 
somewhere.  And  one  of  the 
Infranet  Initiative’s  two  main 
standards-based  components  is 
a  client-to-network  interface  that 
connects  corporations  to  the  ser¬ 
vice  provider  network. 

“There  are  two  places  in  the 
network  where  it’s  very  impor¬ 
tant  to  establish  standards,” 
Sindhu  said.  “One  of  them  is 
where  the  device  outside  of  the 
service  provider  network  inter¬ 
faces  to  the  service  provider 
network.” 

This  is  where  the  Pepsi  access 
and  branch-office  routers  even¬ 
tually  will  come  in.  The  Pepsi 
routers,  hinted  at  when  Juniper 
bought  NetScreen  early  this  year, 
are  expected  to  run  Juniper’s 


Junos  router  operating  system 
with  some  of  NetScreen’s  IPSec 
and  Secure  Sockets  Layer  VPN 
security  stateful  firewall  packet 
filtering  and  intrusion-detection 
features. 

The  Pepsi  routers  will  go  up 
against  Cisco’s  800,  1700  and 
3700  series  routers. 

Two  years  ago,  Juniper  CEO 
Scott  Kriens  pledged  that  Juniper 
would  not  enter  the  enterprise 
market  because  of  requests  from 
its  service  provider  customers  not 
to  compete  with  them  for  enter¬ 
prise  business.  Sindhu  said  that’s 
no  longer  a  concern. 

“We  don’t  see  a  conflict  at  all 
because  what  we  are  doing,  our 
real  motivation  for  doing  this,  is 
to  bring  about  a  network  that  is 
profitable,”  he  said.  “The  Infranet 
vision  is  a  win-win  for  all  of  the 
parties  involved  in  the  food 
chain.” 

Juniper  customer  BellSouth  will 
reserve  judgment  on  that  for  now. 

“Juniper  is  one  of  BellSouth’s 
key  network  suppliers,  and  we 
will  continue  to  view  them  pri¬ 
marily  in  that  light,”  a  company 
spokesman  says.  “With  shifting 
markets,  many  suppliers,  partners 
and  competitors  have  complex 
relationships  where  they  some¬ 
times  act  as  one  or  the  other. 
That’s  part  of  doing  business. 
Juniper  has  been  successful  in 
the  core  network,  and  we  look 
forward  to  watching  how  they  ad¬ 
dress  the  enterprise  market.”  ■ 


Juniper  vice  chairman  and 
CTO  Pradeep  Sindhu  says 
the  company's  Infranet 
plans  require  an  enter 
prise  presence. 


YOUR  COMPANY’S  FIREWALL 


Introducing  DuPont™  safety  certified  limited  combustible  cable.  In  the  event  of  a  fire, 
securing  your  business’  uptime  is  crucial.  The  data  communications  cable  you  choose 
could  play  a  key  role  in  protecting  your  network  technology  investment.  DuPont I  M  safety 
certified  cable  produces  20  times  less  smoke  than  other  plenum  rated  cables.  And  less 
smoke  means  less  costly  downtime,  making  it  the  most  advanced  fire  safety  cable 
technology  available  today.  To  learn  more  about  DuPont'™  safety  certified  limited  combustible 
cable  or  to  request  a  free  CD,  log  on  to  teflon.com/cablingmaterials  or  call  1-800-207-0756. 
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NEC  to  roll 
out  Itanium 
blade  servers 


■  BY  DENI  CONNOR 

NEC  this  week  is  expected  to 
roll  out  the  industry’s  first  Itani¬ 
um-based  blade  servers  for  use 
in  high-performance  technical 
computing,  pharmaceutical  and 
financial  environments. 

HP  IBM  and  Intel  have  prom¬ 
ised  Itanium-based  blades,  but  so 
far  have  not  delivered. 

“NEC’s  Itanium  blade  server  is 
the  first  major  systems  vendor  to 
offer  the  Itanium  Processor  Fam¬ 
ily  [IPF]  as  part  of  a  blade  envi¬ 
ronment,”  says  Jamie  Gruener,  a 
senior  analyst  for  The  Yankee 
Group.  “I’d  expect  other  first-tier 
server  vendors  to  follow  suit  in 
the  next  12  months.” 

Vendors  have  not  used 
Itanium  2  processors  in  blade 
designs  because  the  blade  mar¬ 
ket  focuses  on  entry-level 
servers,  and  the  IPF  is  targeted  for 
higher-end  applications,  Gruener 
says.  He  says  designing  a  Itanium 
2  system  can  be  complex  be¬ 
cause  of  the  additional  cooling 
and  power  requirements. 

To  overcome  heat  and  power 
problems,  NEC  has  outfitted  its 
chassis  with  a  2U  hot-swappable 
and  redundant  power  supply 

Its  IPF  Blade  also  is  the  first  to 
use  InfiniBand  natively  as  a  clus¬ 
tering  technology  —  each  dual¬ 
processor  blade  ships  with  a  Top- 
spin  Communications  host  chan¬ 
nel  adapter,  which  lets  servers  use 
InfiniBand  to  cluster  themselves 
for  faster,  more  efficient  and  par¬ 
allel  operation. 

“This  platform  is  also  interest¬ 
ing  because  it  supports  Infini¬ 
Band  natively,  something  that 
other  blade  vendors  are  bound 
to  offer  as  a  way  of  improving 
inter-node  communication,” 
Gruener  says.  Sun  says  that  it  also 
will  use  InfiniBand  to  intercon¬ 
nect  its  blade  servers. 

As  many  as  nine  NEC  IPF 
blades  fit  in  a  10U  chassis.  Each 
blade  can  be  populated  with  one 
or  two  36G-byte  disk  drives.  The 
blades  also  can  use  a  Topspin 
InfiniBand  switch  to  connect  to 
external  storage. 

The  blades,  which  run  Red  Hat 
Linux,  operate  at  1 .6  GHz. 

A  configuration  of  nine  dual¬ 
processor  blades,  the  chassis,  re¬ 
dundant  power  and  one  36G- 
byte  disk  starts  at  $79,000.  The 
system  is  expected  to  be  avail¬ 
able  in  September.  ■ 


IBM  hooking  .Net  into  access  mgmt. 


■  BY  JOHN  FONTANA 

IBM  this  week  for  the  first  time 
will  add  support  for  Microsoft’s 
.Net  development  tools  to  its  ac¬ 
cess  management  software,  let¬ 
ting  corporations  build  support 
for  IBM’s  identity  management 
platform  directly  into  Windows- 
based  applications. 

IBM  Tivoli  Access  Manager  for 
Microsoft  .Net  will  provide  a  set 
of  APIs  to  tie  authorization  and 
administration  services  into 
Microsoft’s  .Net  framework. That 
means  applications  written  for 
the  framework,  a  runtime  envi¬ 
ronment  for  .Net  managed  code 
within  the  Windows  operating 
system,  can  natively  use  Access 
Manager  as  an  access  control 
mechanism. 

The  goal  is  to  let  corporations 
create  a  single  layer  within  a  net¬ 
work  for  access  control  and  single 
sign-on  using  Tivoli  Access  Man¬ 
ager  for  eBusiness  and  program¬ 
matically  tie  in  any  Web-based 
application  regardless  if  it  is  writ¬ 
ten  in  .Net  or  Java  2  Platform  En¬ 
terprise  Edition  (J2EE).  IBM  al¬ 
ready  supports  J2EE  applications 
in  Access  Manager. 

Companies  would  not  have  to 
write  security  controls  into  each 


The  .Net  connection 

IBM  Tivoli  Access  Manager 
for  Microsoft  .Net 
includes  four  basic 
functions  that  link  .Net 
and  Access  Manager. 

•  .Net  applications  can  call 
authentication,  authori¬ 
zation  and  administration 
services  in  Access 
Manager. 

•  Role-based  authorization 
at  class  and  method  level, 
and  programmatic  invo¬ 
cation  from  .Net  appli¬ 
cations. 

•  Single  sign-on  and 
authentication  module  for 
ASP  .Net 

•  Evaluation  of  .Net  role 
membership  decisions 
using  Access  Manager. 


application.  Instead,  the  applica¬ 
tion  would  defer  that  responsi¬ 
bility  to  Access  Manager,  enabl¬ 
ing  reuse  of  existing  access  poli¬ 
cies  and  providing  a  central 
point  for  adding,  changing  or 


deleting  policies. 

Developers  also  would  use  the 
APIs  to  customize  the  interaction 
between  Access  Manager  and 
.Net  applications. 

“As  customers  become  more 
heterogeneous,  we  have  to 
bring  everything  together  and 
extend  Access  Manager  beyond 
J2EE,”saysVenkat  Raghavan,  prod¬ 
uct  manager  for  Tivoli  identity 
management. 

In  the  first  version  of  the  .Net 
tools,  which  are  available  for  free 
on  IBM’s  Alphaworks.com  Web 
site,  IBM  is  modifying  its  current 
API  set  to  work  with  .Net.  In  the 
future,  Tivoli  Access  Manager  for 
Microsoft  .Net  will  become  a  dis¬ 
tinct  product,  Raghavan  says. 

Access  Manager  already  runs 
atop  Microsoft’s  Active  Directory 
to  grant  access  to  applications 
and  provide  a  single  sign-on  fea¬ 
ture  from  Windows  desktops 
using  Internet  Explorer.  But  with 
Access  Manager  tied  into  appli¬ 
cation  development  tools,  com¬ 
panies  can  fine-tune  access  to 
applications  to  certain  functions 
or  a  particular  set  of  data.  That 
would  let  companies  provide  a 
range  of  partners  with  varying 
degrees  of  access  to  the  same 
application. 


“Microsoft  is  promoting  the  use 
of  .Net  interfaces,  and  the  access 
management  vendors  need  to 
ensure  their  software  work  with 
the  broadest  variety  of  applica¬ 
tions,”  says  Daniel  Blum,  an  ana¬ 
lyst  with  Burton  Group. 

Microsoft  provides  limited  ac¬ 
cess  management  features 
through  Internet  Information 
Server,  which  is  part  of  the  Win¬ 
dows  operating  system,  but  the 
company  relies  on  third-parties 
to  provide  full-blown  access  man¬ 
agement  software.  Companies 
such  as  Netegrity,  Oblix  and 
Open  Network  provide  those 
products. 

Netegrity  offers  similar  capabili¬ 
ties  as  IBM  is  touting,  but  with  a 
different  architecture.  Netegrity 
uses  agents  that  work  with  Trans- 
actionMinder  to  add  security  in¬ 
formation  into  XML  messages 
sent  by  any  application.The  agent 
runs  on  Internet  Information 
Server  to  intercept  messages  sent 
by  .Net  applications. 

“The  access  management  sys¬ 
tem  should  inject  security  infor¬ 
mation, the  application  developer 
should  not  have  to  be  security¬ 
conscious,”  says  Marc  Chanliau, 
product  manager  for  XML  tech¬ 
nologies  at  Netegrity  ■ 


IBM  enhances  data  integration 


■  BY  ANN  BEDNARZ 

IBM  this  week  is  expected  to 
take  the  wraps  off  the  next  ver¬ 
sion  of  its  data  integration  soft¬ 
ware.  Code-named  Masala,  the 
forthcoming  release  of  IBM’s 
DB2  Information  Integrator  soft¬ 
ware  aims  to  make  it  easier  for 
companies  to  search  multiple 
data  sources  and  be  alerted  to 
key  business  events. 

The  purpose  of  DB2  Infor¬ 
mation  Integrator  is  to  simplify 
access  to  heterogeneous  data 
sources  —  structured  and  un¬ 
structured  content,  including 
e-mail,  spreadsheets,  text  files,  flat 
files,  video  and  XML  documents. 

The  software  doesn’t  require 
companies  to  move  or  alter 
existing  data  sources;  analytic 
queries  run  over  corporate  net¬ 
works,  polling  multiple  types  of 
data  as  if  it  were  all  stored  in 
one  location. 

In  the  Masala  version,  IBM  has 
added  a  twist:  The  software  can 
automatically  publish  key  events, 
or  changes,  to  message-oriented 
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Integration 

expense 

Linking  new  and  legacy 
systems  consumes 
about 

35% 

of  the  cost  of  installing, 
writing  or  modifying  an 
application,  according 
to  Gartner. 

v _ _ _ _ _ J 

middleware,  such  as  IBM’s  Web¬ 
Sphere  MQ,  thereby  triggering 
automated  business  processes. 
For  example,  if  a  manufacturer 
makes  a  change  to  its  price  table, 
that  can  trigger  the  software  to 
send  price  updates  to  its  sales 
force,  retailers  and  Web  channels 
using  the  manufacturer’s  messag¬ 
ing  infrastructure. 

Autonomic,  or  self-managing, 
features  also  are  a  big  part  of  the 
new  release,  says  Nelson  Mattos, 


director  of  information  integra¬ 
tion  at  IBM.  DB2  Information  In¬ 
tegrator  now  can  detect  and  not¬ 
ify  IT  users  when  there  are 
changes  in  back-end  data 
sources  that  could  impede  a 
query  such  as  a  server  outage  or 
application  update  that  affects 
system  configuration,  Mattos  says. 

The  software  also  includes  DB2 
Design  Advisor,  which  analyzes 
query  workloads  and  recom¬ 
mends  caching  strategies  to 
speed  query  processing,  and  a 
new  configuration  wizard  that 
walks  users  through  the  process 
of  discovering  enterprise  data 
sources. 

Performance  enhancements 
will  let  users  run  queries  across 
data  sources  up  to  10  times  faster 
than  before,  Mattos  says. 

Fueling  these  performance 
gains  are  new  replication  capabil¬ 
ities  that  can  move  data  at  twice 
the  speed  as  earlier  versions  and 
at  half  the  CPU  cost,  he  says. 
Another  performance-driven  fea¬ 
ture  will  let  companies  designate 
high-priority  users;  a  brokerage 


package 

firm  could  prioritize  queries  that 
originate  in  the  corporate  portal 
of  high-worth  customers,  for 
example. 

DB2  Information  Integrator  is 
just  one  of  many  tools  that  com¬ 
bine  a  distributed  query  engine 
with  adapters  to  various  data 
sources. 

Other  vendors  offering  such 
software  for  virtual  data  federa¬ 
tion  include  Avaki,  BEA  Systems, 
CenterBoard,  Composite  Soft¬ 
ware  and  Metamatrix. 

IBM  is  launching  an  open 
beta  of  DB2  Information  Inte¬ 
grator  this  week  and  expects  to 
begin  shipping  it  in  the  fourth 
quarter. 

The  company  would  not  dis¬ 
close  pricing  for  Masala  . 

Existing  DB2  Information  Inte¬ 
grator  software  costs  $5,000  per 
CPU  at  the  low  end.  Imple¬ 
mentations  that  combine  data 
replication  with  advanced  inte¬ 
gration  capabilities  are  priced 
from  $20,000  to  $40,000  per  pro¬ 
cessor,  plus  the  cost  of  adapters, 
according  to  Gartner.  ■ 


witch  to  voice  over  IP  without  any  hang-ups 
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Sun  to  rein  in  spending, 
expand  partnerships 


■  BY  JENNIFER  MEARS  AND  DENI  CONNOR 

Sun,  smarting  from  12  consecutive  quar¬ 
ters  of  revenue  declines,  last  week 
announced  expanded  subscription  pric¬ 
ing  models,  new  features  for  Solaris  — 
including  plans  to  open  up  the  source 
code  for  portions  of  the  operating  system 
—  and  a  partnership  with  Fujitsu  that  ana¬ 
lysts  say  could  help  get  the  company  back 
on  track. 

Sun  executives  used  an  event  in 
Shanghai,  China,  last  week  to  tout  the  com¬ 
pany’s  plan  to  simplify  network  computing, 
with  announcements  that  ranged  from  the 
Fujitsu  partnership  to  per-user  pricing  for 
Sun’s  Java  Enterprise  System  middleware. 
Also  in  the  plan  are  pay-per-use  pricing  for 
storage  systems  and  a  new  self-healing,  self¬ 
managing  filesystem  for  Solaris  10,  which  is 
slated  for  release  by  year-end. 

Sun  President  and  COO  Jonathan 
Schwartz  reiterated  that  the  company  is 
looking  to  create  an  open  environment 
around  Solaris.  Sun  would  not  discuss  tim¬ 
ing  or  details  of  the  plan,  including  what 
licensing  model  it  would  use,  but  analysts 
suspect  the  company  would  open  up 
source  code  for  Solaris  in  a  similar  fashion 
to  Java. 

“If  they  do  open  source  Solaris,  it  likely 
will  be  on  a  restrictive  license,  something 
akin  to  Java,  that  lets  them  maintain  fairly 
tight  control  over  its  development  and 
use”  says  Gordon  Haff,  an  analyst  at 
llluminata.  “But  they  are  making  a  lot  of 
aggressive,  break-with-their-own-history 
types  of  moves,  which  is  something  that 
has  served  Sun  well  in  the  past.  None  of 
this  guarantees  ultimate  Sun  success,  but  it 
certainly  gives  them  a  chance  to  succeed.” 

Haff  notes  Solaris  is  now  open  to  some 
extent  if  users  sign  non-disclosure  agree¬ 
ments  before  looking  at  the  source  code. 

“Merely  opening  up  the  source  in  the 
sense  of  allowing  people  to  look  at  it  is 
really  not  a  radical  departure  of  where 
things  are  today/’ he  says. “The  goal  for  Sun 
is  to  get  more  community  development 
going, really  as  a  way  of  enabling  Solaris  on 
x86  to  better  compete  with  Linux.” 

That  might  help  cut  research  and  devel¬ 
opment  costs,  which  amounted  to  about 
16%  of  revenue  last  year. 

In  the  company’s  most  recent  quarter, 
which  ended  in  March,  it  had  a  $750  mil¬ 
lion  net  loss  on  $2.6  billion  of  total  sales. 

In  another  move  that  will  reduce  the 
R&D  load,  Sun  announced  an  expanded 
partnership  with  Fujitsu  to  merge  the  com¬ 
panies’  scalable  processor  architecture 
(SPARC)-based  server  systems  by  2006  in 
an  effort  to  deliver  a  single  line  of  Solaris 
servers  (for  more  information,  see  Short 
Takes,  page  21).  Fujitsu  already  sells  mach¬ 
ines  based  on  Sun’s  SPARC  chips  and  So¬ 
laris  operating  system. 


Looking  for  light 

Sun  hopes  major  changes  will 
help  pull  it  back  into  profitability. 

The  challenge 

Turn  around  12  straight  quarters  of 
revenue  declines. 


The  major  hurdles 

Customer  trending  toward  low-priced 
x86-based  boxes  running  Linux  instead 
of  high-end  Sparc-based  systems  Sun 
was  best  known  for.  Pricing  pressures 
across  the  Unix  market. 


The  plan 

•  A  management  shakeup  that  leaves 
former  software  chief  Jonathan 
Schwartz  as  the  company's  new  COO 
and  software  CTO  John  Fowler 
adding  management  of  x86-based 
systems  to  his  responsibilities. 

•  Talk  of  open  sourcing  parts  of  Solaris 
as  a  way  to  meet  Linux  head-on. 

•  Continued  subscription-based 
pricing  for  its  software  packages, 
extending  it  to  per-citizen  pricing  for 
developing  countries,  and  to  storage 
offerings. 


“Consolidating  the  product  lines  is  a 
good  move  for  Sun.  It  will  save  them  some 
R&D  costs,  as  well  as  costs  of  going  to  mar¬ 
ket,”  says  Jamie  Gruener,  a  senior  analyst  at 
The  Yankee  Group.“But  Sun  has  to  be  very 
careful  that  they  don’t  look  like  they’re 
abandoning  their  installed  base.” 

In  other  announcements, Sun: 

•  Formally  introduced  a  pay-per-use  stor¬ 
age  model,  in  which  users  are  charged  as 
little  as  2  cents  per  megabyte,  per  year. 

•  Announced  new  storage  arrays,  includ¬ 
ing  the  Sun  StorEdge  6290,  which  will  allow 
Fibre  Channel  fabric-based  replication, 
point-in-time  copies,  data  migration  and 
centralized  management  services,  and  is  a 
product  of  Sun’s  acquisition  of  Pirus  in 
2002. 

•  Unveiled  the  carrier-grade  Netra  440 
server, starting  at  $14, 000,  with  new  ruggedi- 
zed  storage  arrays. 

•  Extended  its  Java  Enterprise  System  to 
support  Linux,  with  plans  to  support 
Windows  and  HP-UX. 


Senior  Editor  John  Fontana  contributed  to 
this  report. 


■  Sun's  storage  division  CTO,  Balint 
Fleischer,  talks  server  interconnect 
strategies.  PAGE  21 
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Tropos  boosts  outdoor 
wireless  LAN  system 


■  BY  JOHN  COX 

Tropos  Networks  this 
week  plans  to  air  updates 
to  its  hardware  and  soft¬ 
ware  intended  to  make  it 
easier  to  build  and  run 
outdoor  wireless  mesh 
networks. 

The  company  says  the 
changes  to  its  Wi-Fi  Cell 
System  Release  3  will 
enable  management  of 
five  times  as  many  nodes 
as  before  and  require 
20%  fewer  access  points 
to  cover  the  same  geo¬ 
graphical  area. 

The  upgrades  are 
scheduled  to  be  an¬ 
nounced  this  week  at  the 
Wi-Fi  Planet  conference 
in  Baltimore. 

Tropos  is  introducing 
software  features  such 
as  cross-subnetwork  roaming,  options  for 
its  Tropos  5110  outdoor  802.11b  nodes, 
and  a  revamped  network  management 
application. 

The  vendor  is  one  of  several  using  802. 1 1 
radios  to  create  wireless  LANs  (WLAN) 
that  span  large  areas,  such  as  a  downtown 
business  district.  These  companies  have 
crafted  mesh  networking  algorithms  that 
let  access  points  interconnect  and  route 
traffic  over  multiple  paths,  much  like  the 
wired  Internet. 

Bill  Marion,  information  services  director 
for  the  city  of  Milpitas,  Calif.,  likes  the 
change. Milpitas  has  32  51 10  outdoor  nodes 
mounted  on  streetlight  poles,  which  create 
an  802.11b  WLAN  covering  roughly  5 
square  miles,  mostly  along  main  roads. 
Thirty  police  cruisers,  and  soon  20  fire  vehi¬ 
cles,  have  mobile  computers,  and  Cisco 
802.11b  network  interface  cards,  with  exte¬ 
rior-mounted  antennas.  The  network  acts 
like  a  broadband  cellular  network. 

The  key  new  feature  for  Marion  is  cross¬ 
subnetwork  roaming.  In  an  earlier  WLAN 
pilot, police  cruisers  could  use  the  network 
only  by  parking  at  a  stand-alone  WLAN  hot 
spot.  When  they  drove  to  another  one,  they 
had  to  re-connect  and  re-authenticate. 
“With  subnet  roaming,  a  cruiser  can  come 
up  [online]  on  the  net  and  stay  on  it,  as 
long  as  we  have  [Tropos]  coverage,” 
Marion  says. 

Marion  wants  to  evaluate  a  new  5110 
option:  a  node  fitted  with  a  lower-power 
radio,  running  at  200  milliwatts  instead  of  1 
watt.  Under  FCC  rules,  this  low-power 
device  can  be  fitted  with  a  broader  array  of 
antennas.  Marion  wants  to  put  one  on  a  tall 
building  with  a  directional  antenna  for 
access.  Another  new  option  is  battery  back¬ 
up,  which  will  keep  each  node  running  for 
6  to  8  hours  if  the  power  fails.The  electrical 


outages  that  plagued 
California  two  years  ago 
have  made  this  backup 
much  more  important  to 
the  city 

The  reworked  Tropos 
Control  net  manage¬ 
ment  software  now  lets 
Marion  display  each 
node  on  a  detailed  map 
of  the  city  and  blue  lines 
show  the  changing  radio 
connections  among  the 
nodes. 

Tropos  Control  pricing 
is  unchanged,  from  $100 
to  $200  per  node,  de¬ 
pending  on  volume.  The 
company  calculates 
node  pricing  based  on 
the  area  being  covered: 
typically  $30,000  to 
$50,000  per  square  mile, 
depending  on  terrain 
and  obstacles.  The  bat¬ 
tery  back-up  option  would  be  about  $3,600 
at  the  low  end,  in  that  case.  ■ 


Microsoft  boosts 
business  intelli¬ 
gence  tools 

■  BY  JOHN  FONTANA 

Microsoft  last  week  released  two  Office- 
based  tools  for  letting  users  extract  and 
view  business  data  from  back-end  systems. 

The  company  introduced  the  Office  Bus¬ 
iness  Scorecards  Accelerator  and  Office 
Excel  Add-in  for  SQL  Server  Analysis  Serv¬ 
ices.  The  two  free  tools  attempt  to  provide 
an  easier  path  for  end  users  to  get  a  look  at 
business  data,  such  as  sales  and  revenue 
numbers,  through  reports  and  analysis. 

The  two  offerings  ratchet  up  the  sophisti¬ 
cation  of  business  intelligence  software  Mi¬ 
crosoft  is  offering  and  could  point  to  deep¬ 
er  strategic  plans,  analysts  say 

"The  Business  Scorecards  Accelerator 
gives  Microsoft  an  analytical  application,” 
says  Mike  Schiff,  vice  president  of  data 
warehousing  and  business  intelligence  for 
research  firm  Current  Analysis.  “They  may 
be  testing  the  waters  to  offer  business  intel¬ 
ligence  solutions  rather  than  just  business 
intelligence  tools.  That  would  put  them 
into  competition  with  all  the  business  intel¬ 
ligence  vendors.”  Those  vendors  include 
Cognos,  Business  Objects  and  SAS 
Institute. 

The  Business  Scorecards  Accelerator  can 
pull  together  data  from  a  variety  of  back¬ 
end  databases,  including  Microsoft’s  SQL 

See  Microsoft,  page  20 


The  Tropos  5110  outdoor  WLAN 
mesh  node  now  features  a  battery 
back-up  option,  more  sensitive 
radio  reception  and  support  for 
cross-subnet  roaming. 
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continued  from  page  1 

character  and  instill  company 
loyalty  Songs  of  the  IBM  started 
with  the  “Star  Spangled  Banner” 
and  followed  with  more  than  80 
IBM-specific  ditties,  including 
the  rollicking  rally  song  “Ever 
Onward,”  written  in  1931  by 
IBM’er  Frederick  Tappe: 

“There ’s  a  thrill  in  store  for  all 
For  we’re  about  to  toast 
The  corporation  that  we  repre¬ 
sent. 

We’re  here  to  cheer  each 
pioneer 

And  also  proudly  boast, 

Of  that  man  of  men 
Our  friend  and  guiding  hand 
The  name  ofT.J.  Watson  means 
A  courage  none  can  stem 
And  we  feel  honored  to  be 
Here  to  toast  the  IBM." 
“Company  employees 
embraced  [song  singing] 
because  they  didn’t  have  that 
kind  of  job  security  anywhere 
else  in  America,”  says  Bob 
Djurdjevic,  president  of  Annex 
Research.  He  joined  IBM  in 
1970,  a  decade  after  the  last 
rousing  lilt  of  grace  notes  left 
the  company’s  buildings. 

“IBM  was  unique  in  that  respect 
—  Watson  was  the  quintessential 
salesman  and  knew  how  to  rally 
the  salesmen  to  his  side,”  Djur¬ 
djevic  says.“Watson  treated  his 
employees  as  if  they  were  family 
and  so  he  wanted  them  happy 
well  fed  and  content  so  they 
would  stay  with  IBM  forever” 

In  1966,  Pepper  Martin  was 
one  of  the  fledgling  sales  repre¬ 
sentatives  who  sang  “Ever 
Onward.” 

“We  sang  it  the  whole  first  year 
of  training  at  sales  school,” 
recounts  Martin,  who  retired  six 
years  ago. 


\  I  / 


■  THIS  WEEK’S  QUESTION: 

NetWorld+Interop  is 
moving  out  of  the  giant 
Las  Vegas  Convention 
Center  next  year  into 
which  Vegas  hotel? 

Stumped?  Get  the  answer  online. 

Visit  Network  World  Fusion  and  enter 
2349  in  the  Search  box. 


To  F.J.  Boucher,  District  Manager, 
Scale  Division 


r 


Spa 

Wit* 


Tune:  "Way  Down  Upon  the  Suwanee 
River” 
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1.  Here's  to  our  able  Dayton  worker 
Happy  alway; 

Outstanding  I.  B.  M.  Go-Getter, 
Our  old  friend  Fred  Boucher. 


2.  He  is  an  able  organizer, 

Trainer  of  men, 

In  Europe  and  in  North  America 
He's  builded  I.  B.  Id. 

Chorus 

All  of  us  are  proud  of  Freddie 
And  his  fine  Scale  men. 

Their  sales  are  growing  strong  and  steady 
For  glorious  I.  B.  Id. 


No  employee  was  too  great  or  too  small  to  be  the  subject  of  a  number  in 
IBM's  song  book,  published  in  the  1920s. 


Even  Watson’s  son  T.J. Watson 
Jr.  remembers  the  success  of 
IBM’s  song  singing.  In  his  book 
Father  Son  &  Co:  My  Life  at  IBM 
and  Beyond,  Watson  relates: 

“Everything  about  the  school 
was  meant  to  inspire  loyalty, 
enthusiasm  and  high  ideals, 
which  IBM  held  out  as  the  way 
to  achieve  success.  In  class  the 
first  thing  we  did  each  morning 
was  to  stand  up  and  sing  IBM 
songs. . .  .There  were  dozens  of 
songs  in  praise  of  Dad  or  other 
executives,  set  to  tunes  every¬ 
body  knew” 

The  songs  weren’t  solely 
focused  on  Watson  or  other  top 
executives  either. Take  these 
lyrics  from  “To  Our  I.B.M.  Girls”: 

“ The  office  girls  surely  are 
always  in  style 
They  greet  you  with  smiles, 
their  welcome's  worthwhile, 

The  best  in  the  world  are  our 
girls,  rank  and  file, 

They're  style  all  the  while  —  all 
the  while. 

They've  made  our  I.B.M.  com¬ 
plete  and  worthwhile, 

They  work  and  they  smile  — 
so  sweetly  they  smile; 

Tall,  short,  thin  and  stout  girls 
—  they  win  by  a  mile 
With  heavenly  styles  all  the 
while.” 

Silencing  the  music 

But  just  as  Watson  Sr.  was  a  cat¬ 
alyst  for  activities  such  as  as  song 
singing,  company  bands  and 
even  an  IBM  symphony,  his  son 
proved  to  stifle  such  activities. 


“The  band  repertoire  was 
show  tunes,  old  standards,  tradi¬ 
tional  marches  and  Dixieland 
numbers,”  says  Jay  Kosta,an  IBM 
contractor  in  Endwell,  N.Y  Kosta, 
who  plays  the  French  horn, 
joined  IBM  as  a  programmer  in 
1970  and  retired  in  2000. 
“Primarily  we  played  for  IBM 
events.  In  Endicott,the  band 
would  play  a  weekly  noon-time 
outdoor  concert  from  June 
through  August.  It  was  for 
employees  and  played  out  on 
the  lawn,”  he  says. 

Kosta  says  the  band  was  dis¬ 
banded  in  2001. 

“A  lot  of  outsiders  thought  our 
singing  custom  was  odd,”Watson 
Jr.  wrote  in  his  book.Times 
were  different  then,  and  I  sup¬ 
pose  being  earnest  didn’t  seem 
as  corny  in  1937  as  it  does 
today.  And,  of  course,  jobs  were 
awfully  hard  to  come  by  in  the 
1930s,  so  people  would  put  up 
with  a  lot.” 

Richard  Tedlow,  Class  of  1949 
professor  of  business  adminis¬ 
tration  at  Harvard  Business 
School  in  Cambridge,  Mass.,  and 
author  of  The  Watson  Dynasty: 
The  Fiery  Reign  and  Troubled 
Legacy  of  IBM’s  Founding  Father 
and  Son,  recalls  Watson  Jr. 

“Watson  Jr.  was  largely  responsi¬ 
ble  for  jettisoning  some  of  the 
old  customs, ’’Tedlow  says.“One  of 
them  was  song  singing.  When  he 
took  the  company  over  in  1956 
when  his  father  died,  he  wasn’t 
wild  about  the  singing  of  these 
songs  and  about  the  general  ven¬ 


eration  of  his  father  as  a  sort  of 
man  of  men.  He  wanted  to  tone 
down  that  cult  personality’ 

Which  helps  to  explain  why 
aside  from  the  fact  that  it’s  a 
stretch  to  come  up  with  rhymes 
for  names  such  as  Gerstner  and 
Palmisano.you  don’t  find  tunes 
about  IBM’s  more  recent  top 
executives. 

“People  began  to  think  [song 
singing]  was  really  corny” 
Tedlow  says.“In  the  1950s  and 
’60s  the  corporation  began  to 
celebrate  itself  as  a  very  ratio¬ 
nal  organization,  not  something 
necessarily  that  needed  to 
excite  the  emotion  by  singing  a 
song  about  the  CEO.  It’s  also 
true  percentage-wise  fewer  peo¬ 
ple  spend  their  lives  with  one 
corporation  now  than  they  did 
in  1950,  but  also  corporations 
have  come  up  with  other  ways 
—  T-shirts,  mugs  —  to  motivate 
their  employees.” 


Beyond  IBM 

IBM  is  far  from  alone  in  its 
association  with  music.  Novell 
promoted  itself  in  TV  ads  with 
David  Bowie’s  “Changes”  and 
Apple  has  tangled  recently  with 
hip-hop  star  Eminem  over  use 
of  one  of  his  songs  in  an  ad  for 
Apple’s  iTunes  service. 

Japanese  companies  also 
have  a  history  of  promoting 
song  singing.  Fujitsu  and  NCR 
both  have  company  songs.  But 
Fujitsu’s  “Ahh,  Fujitsu”  failed  to 
garner  acceptance  in  the  cor¬ 
poration,  because  few  of  the 
employees  could  read  sheet 
music,  says  Martin  Corbett, 
senior  lecturer  at  the  University 
of  Warwick  in  England,  in  a 
paper  titled  “I  Sing  the  Body 
(In)corporate.” 

KPMG,  PriceWaterhouse- 
Coopers  and  McKinsey  &  Co., 
Ernst  &Young  also  lay  claim  to 
company  songs,  though  they  all 
declined  to  comment. 

Among  other  high-tech  com¬ 
panies  that  have  songs  are 
Honeywell,  firewall  maker 
Check  Point  and  storage  start-up 
Yotta  Yotta.  Many  songs,  such  as 
Apple’s  “Here’s  to  the  Crazy 
Ones”  and  Ericsson’s  “Network 
Intelligence”  were  penned  to 
promote  products. 

One  large  Redmond,  Wash., 
software  maker  does  not  lay 
claim  to  a  company  song. 

“I  don’t  think  there  is  a 
Microsoft  company  song  other 
than  ‘Get  to  the  bank  as  fast  as 
possible  so  you  can  deposit  the 
check, ’"Tedlow  adds.H 
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Conferencing  vendors 
readying  new  wares 


■  BY  JASON  MESERVE 

A  handful  of  vendors  hope  their  new 
offerings,  set  to  be  announced  this  week, 
will  make  rich-media  conferencing  — 
mixed  voice,  video  and  data  —  more 
accessible  and  easier  on  the  wallet  for 
business  users. 

Among  the  scheduled  announcements 
are  Glowpoint’s  new  less  expensive  and 
lower  bandwidth  videoconferencing  ser¬ 
vice,  First  Virtual  Communications’  (FVC) 
enhanced  Click  to  Meet  4.0  audio,  video 
and  Web  conferencing  system,  and  Sonic 
Foundry’s  new  rich  media  recording  sys¬ 
tems.  All  three  are  scheduled  to  roll  out 
and  demonstrate  new  wares  at  next  week’s 
Infocomm  show  in  Atlanta, an  annual  gath¬ 
ering  that  typically  caters  to  audio/video 
dealers  and  integrators,  but  is  taking  on 
more  of  a  network  flavor 
this  year. 

Glowpoint,  which  offers 
an  IP  network  backbone 
dedicated  to  videocon¬ 
ferencing  traffic,  will 
debut  its  Individual  Video 
Access  service  targeted 
at  small-office  and  home- 
office  workers.  The  ser¬ 
vice  will  give  subscribers 
a  dedicated  synchronous 
DSL  line  and  guaranteed 
256K  bit/sec  connectivity 
for  a  single  endpoint  with 
a  price  of  $299  per  month  ($200  less  than 
the  company’s  standard  business  offering). 
As  part  of  the  new  offering,  resellers  such 
as  ReView  Video  will  offer  Sony’s  PC-1 1 
endpoint  bundled  with  the  service,  though 
any  IP-capable  endpoint  will  work. 

Michael  Brandafino,  CTO  at  Glowpoint, 
says  using  H.264  video  compression 
enables  his  company  to  offer  the  lower 
bandwidth  service.  H.264  boasts  about 
the  same  video  quality  as  the  older  H.263 
standard  at  half  the  bandwidth.  Previously, 
the  company  only  offered  service  to 
enterprise-level  customers  via  dedicated 
T-l  connections. 

While  Glowpoint  is  conservative  about 
video  quality  at  256K  bit/sec,  Wainhouse 
Reseach  analyst  Andrew  Davis  says  he 
think  it’s  sufficient.  “For  most  people,  it  is 
not  compromising  quality  he  says.“l  do  a 
lot  of  calls  at  256K,  even  though  I  have  a 
1.1M  bit/sec  connection.” 

The  only  downside,  Davis  says,  is  cus¬ 
tomers  will  not  be  able  to  use  an  embed¬ 
ded  multipoint  control  unit  (MCU)  to  con¬ 
nect  more  than  two  parties  in  a  call  with¬ 
out  using  an  external  bridge.  This  is  be¬ 
cause  additional  users  would  push  the 
total  conference  bandwidth  above  the 
256K  ceiling. 

Similar  offerings  are  available  from  iVCI 
and  AT&T,  although  Glowpoint  only  allows 
video  traffic  on  its  network. 


For  FVC,  Infocomm  will  be  the  stage  for 
Click  to  Meet  4.0’s  unveiling  and  an 
update  to  the  company’s  Conference 
Server.  Click  to  Meet  is  a  desktop  applica¬ 
tion  that  integrates  with  Internet  Explorer 
and  combines  video,  audio  and  Web  con¬ 
ferencing  through  one  interface.  Con¬ 
ference  Server  7.3  is  the  heart  of  the  sys¬ 
tem,  offering  contact,  presence  and  an 
MCU  for  connecting  multiple  users  in  a 
single  call. 

Chief  among  the  enhancements  are  a 
new  user  interface,  better  integration  with 
desktop  applications  such  as  Microsoft 
Office  and  Messenger,  and  improved  secu¬ 
rity  in  the  form  of  Web  snapshots  that  let 
secure  sites  be  shared  with  conference  par¬ 
ticipants  without  divulging  password  infor¬ 
mation.  FVC  also  is  beefing  up  Conference 
Server,  which  now  can  handle  up  to  500 
simultaneous  confer¬ 
ence  users  (spread 
across  multiple  confer¬ 
ences)  and  1,000  users 
logged  on  checking  cal¬ 
endars  and  presence. 

Click  to  Meet  4.0  costs 
$1,850  per  concurrent 
user  and  is  scheduled 
to  begin  shipping  next 
week. 

Sonic  Foundry  will  be 
demonstrating  its  new 
Media  Site  RL-400  and 
VL-400,  rack-mounted 
appliances  for  recording  rich  media  con¬ 
ferences.  The  RL-400  targets  traditional 
training  sessions  where  an  instructor  sits 
in  front  of  a  room  (virtual  or  physical) 
and  presents  slides  and  other  on-screen 
material.  The  device  captures  audio, 
video  and  slides  and  synchronizes  them 
into  one  presentation  that  can  be  viewed 
with  Internet  Explorer  and  Windows 
Media  Player  or  exported  into 
Macromedia  Flash  format.  Similarly,  the 
VL-400  captures  videoconference  calls 
and  any  data  presented  inside  the  call. 

Both  devices  will  have  160G-byte  hard- 
drives  for  storing  content  and  a  built-in 
CD  burner.  Presentations  can  be  posted  to 
a  standard  Web  server  or  served  up  using 
Media  Site’s  optional  server  product, 
which  offers  additional  content-manage¬ 
ment  features. 

Starbak  offers  a  similar  videoconference 
capture  appliance,  and  a  number  of  com¬ 
panies  offer  recording  as  a  service. 

Sonic  Foundry  is  pricing  the  RL-400  at 
about  $22,000.  VL-400  pricing  has  not 
been  set.  Both  products  are  scheduled  to 
ship  this  fall.  ■ 
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Sonic  Foundry's  RL400  is  a  confer¬ 
ence  recording  appliance, 
designed  to  take  in  audio,  video, 
slides  and  other  PC-based  content 
and  synchronize  it  into  a  Web 
presentation. 
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their  operations  are  up  to  snuff 
because  such  laws  can  be  partic¬ 
ular  about  how  corporate  infor¬ 
mation  is  to  be  handled  and  kept. 

Although  not  all  of  these  regula¬ 
tions  are  new,  some  have  dead¬ 
lines  for  this  year  with  compli¬ 
ance  orders  that  affect  IT  depart¬ 
ments.  For  example,  Sarbanes- 
Oxley,  the  legislation  that 
emerged  from  corporate 
accounting  scandals  of  2002  to 
dictate  how  public  companies 
store,  report  and  share  financial 
information,  includes  a  section 
that  will  go  into  effect  this  year 
that  requires  internal  processes 


Spend,  spend,  spend 


Microsoft 

continued  from  page  17 

Server  and  Oracle.  Users  can  use 
several  pre-configured  Office  2003 
Web  components  to  construct 
scorecards  that  dig  into  key  per¬ 
formance  indicators,  such  as  rev¬ 
enue  and  customer  satisfaction. 

Users  also  can  create  cus¬ 
tomized  components.  The  score- 
cards  then  are  linked  to  the  back¬ 
end  data  source  and  made  avail¬ 
able  via  ShareFbint  Fbrtal  Server. 
End  users  need  only  Internet 
Explorer  6.0  to  view  the  score- 
cards.  Microsoft  also  is  including 
an  Active  X  control  based  on  Visio 
for  mapping  out  corporate  strate¬ 
gies  and  objectives. 

The  Business  Scorecards  Accel¬ 
erator  is  a  free  download  but 
requires  the  use  of  SQL  Server 
2000  with  Analysis  Services,  Office 
2003,  ShareFbint  Fbrtal  2003  and 
Windows  Server  2003. 

The  idea  is  to  allow  a  much 
broader  audience  to  get  at  this 
business  data,”  says  Peter  Bull, 


and  controls  to  be  properly  docu¬ 
mented  and  audited. 

“I  think  the  reason  many  IT 
departments  feel  under  pressure 
is  because  of  Sarbanes-Oxley  — 
it’s  producing  a  lot  of  angst  and  a 
new  burden,  and  new  spending 
too,”  says  Stewart  Baker,  a  partner 
at  law  firm  Steptoe  &  Johnson. “A 
lot  of  hard  decisions  might  have 
to  be  made;  companies  might 
have  to  wall  off  their  financial  sys¬ 
tems  from  other  parts  of  the  net¬ 
work,  and  that  will  require  archi¬ 
tectural  changes  or  further 
expenditures.” 

On  the  bright  side,  the  survey 
showed  that  purse  strings  seem  to 
be  loosening  —  more  than  half  of 
the  respondents  said  they  will 


group  program  manager  for 
Office  at  Microsoft. “Were  focus¬ 
ing  on  extending  the  reach  of 
business  intelligence  to  more 
employees  and  doing  it  within 
familiar  interfaces.” 

The  Excel  Add-in  for  SQL  Server 
Analysis  Services  lets  data  be 
accessed  and  analyzed  within 
Excel.  The  tool  expands  on  the 
familiar  pivot  tables  in  the  Office 
application  by  letting  users  ana¬ 
lyze  data  from  more  than  one 
source.  Previously  analysis  was 
limited  to  one  online  analytical 
processing  data  cube. 

Also  new  is  real-time  connec¬ 
tion  to  back-end  data  so  users  are 
always  looking  at  the  most  cur¬ 
rent  information.  The  Excel  tool 
adds  a  menu  item  into  the  Excel 
XP  or  Excel  2003  interface  called 
Cube  Analysis  and  a  new  Task 
Pane  for  laying  out  reports. 

Both  the  Scorecards  and  Excel 
accelerators  are  available  for 
download  from  Microsoft’s  Web 
site  and  are  supported  by  Micro¬ 
soft  Product  Support  Services.  ■ 


spend  more  on  technology  this 
year  than  last.  Less  than  40%  gave 
the  same  answer  last  year. 

Technology  support  manager 
Donald  Murphy’s  outlook  on  IT 
spending  at  Corestaff  Support 
Services,  a  staffing  company,  has 
changed  from  “cautiously  opti¬ 
mistic”  in  February  to  “optimistic” 
when  asked  last  week.“The  issues 
we’re  dealing  with  now  are  ...pos¬ 
itive  problems,  things  like  growth, 
as  we  try  to  go  from  purely  main¬ 
tenance  to  implementation,”  he 
says.“We’re  not  hauling  wheelbar¬ 
rows  of  cash  around,  but  every¬ 
body  feels  good  about”  the 
departments  budget. 

Accompanying  the  intent  to  in¬ 
crease  spending  is  the  perception 
that  IT  buyers  can  get  more  for 
their  money  than  they  have  in  the 
past,  because  of  technological 
advancements  —  such  as  greater 
processing  power  —  and 
increased  vendor  competition.  Of 
those  asked,  83%  agreed  that  this 
year’s  dollar  buys  more  technolo¬ 
gy  than  last  year’s,  and  about  60% 
said  they  are  motivated  to  spend 
by  the  deals  that  vendors  are 
offering  in  certain  areas. 

This  year’s  survey  shows  that  in 
addition  to  preparing  for  regula¬ 
tory  compliance,  IT  executives’ 
spending  will  focus  on  enterprise 
applications,  security  and  hand¬ 
held  devices  (see  graphic,  left). 
All  respondents  said  they  will 
spend  on  enterprise  applications 
and  security  in  the  next  12 
months,  while  half  said  they  will 
purchase  new  handheld  devices. 

Reasons  for  buying  enterprise 
applications  include  compliance 
with  regulations  and  boosting 
productivity  to  improve  bottom 
lines.  Knowledge  management 
applications  and  portal  software; 
and  ERP  and  salesforce  automa¬ 
tion  applications  will  be  the  most 


How  We  Did  It 


The  Network  World 500 
survey,  conducted  by 
Network  World  and  Re¬ 
search  Concepts,  includes 
data  from  four  separate 
phone  surveys  of  125  partici¬ 
pants  each,  totaling  500 
organizations  (each  group 
was  asked  different  ques¬ 
tions).  Participating  compa¬ 
nies  have  multiple  sites  with 
internetworked  LANs  and 
WANs,  and  their  annual 
spending  on  network  related 
products  totals  more  than 
$10  million.  Some  percent¬ 
ages  might  not  add  up  to  100 
because  of  rounding. 


On  the  rise 

How  total  IT  spending 
will  change  this  year 
compared  with  last: 


lint  cnm>  2%  Increase 


Number  of  respondents:  500 

SOURCE:  NETWORK  WORLD  500  SURVEY 

common  purchases,  the  survey 
showed.  Slightly  more  than  half  of 
the  respondents  said  they  man¬ 
age  their  enterprise  applications 
in-house,  one-third  said  they  out¬ 
source  the  management  of  some 
of  their  software,  and  8%  said  all 
of  their  application  management 


is  outsourced. 

As  IT  managers  have  become 
the  primary  keepers  of  many 
organizations’  security,  the  task 
has  become  more  complicated 
and  expensive.  Intrusion-detec¬ 
tion  systems  and  anti-spam  soft¬ 
ware  top  buying  lists  for  the  com¬ 
ing  12  months.  The  survey  shows 
companies  prefer  to  have  secur¬ 
ity  audits  performed  by  third- 
party  service  providers  and  that 
the  biggest  perceived  threat  to  an 
organization’s  security  comes 
from  within  the  company. 

Among  those  companies  plan¬ 
ning  to  equip  their  workers  with 
handheld  devices,  PDAs  will  be 
the  most  common  device  pur¬ 
chased,  followed  by  digital 
phones  and  e-mail  pagers. 

Complete  results  will  be  avail¬ 
able  June  14  at  www.nwfusion. 
com/nw500.H 

Get  more  information  online. 
DocFinder:  2345 
www.nwfusion.com 


EMC  adding  features 
to  Centera  storage 

■  BY  DENI  CONNOR 

EMC  this  week  is  announcing  enhancements  to  its  Centera  com¬ 
pliance-oriented  storage  array  as  well  as  software  bundles  that  make  it 
easier  to  prioritize,  tier  and  migrate  storage. 

The  Centera  software  enhancements,  Release  2.3,  include  the  ability 
for  a  storage  administrator  to  set  retention  policies  for  data  that  needs 
to  be  archived  and  to  delete  data  by  individual  user. 

For  instance,  a  certain  type  of  record  such  as  a  medical  X-ray  may 
need  to  be  kept  for  2 1  years.  After  that  time  it  can  be  automatically 
deleted  or  moved  to  a  less-expensive  form  of  storage  such  as  tape. 

A  retention  policy  can  automatically  enforce  this  deletion  or  migra¬ 
tion  of  data.The  software  now  has  the  capability  to  delete  data  in  order 
to  meet  the  dictates  of  a  court  order  or  regulation. 

The  company  announced  three  compliance  bundles  for  different 
applications  —  Email  Archiving  with  Legato  Software,  Content 
Archiving  and  Retrieval  Solution  with  Documentum  and  Content 
Archiving  and  Retrieval  Solution  with  Mobius. 

Two  of  the  bundles  are  the  result  of  the  acquisitions  of  Legato  and 
Documentum. The  third,  the  Content  Archiving  and  Retrieval  Solution 
with  Mobius,  integrates  content  management  company  Mobius’  prod¬ 
uct  MF  Direct  Connect  and  EMC’s  tiered  storage  with  installation  and 
project  management  services  and  a  data-migration  service. 

The  other  packages  incorporate  Centera  with  Legato’s  EmailXtender 
and  EmailXaminer.and  the  Documentum  Content  Server,  Compliance 
and  Records  Manager  and  Trusted  Content  Services. 

“From  a  feature  perspective  they  are  giving  users  more  ease  of  use 
and  functionality’ says  Peter  Gerr, senior  analyst  with  Enterprise  Storage 
Group.  “That’s  going  to  help  overcome  the  hurdles  customers  have  in 
adopting  any  new  technology’ 

In  addition,  the  Centera  software  lets  administrators  assign  retention 
periods  to  data  for  applications  that  do  not  have  retention  capability 

EMC  also  will  enhance  the  services  it  offers  with  Centera  as  part  of  its 
Information  Lifecycle  Management  strategy  It  will  offer  a  data  classifi¬ 
cation  service,  which  assists  companies  in  putting  data  on  appropriate 
storage,  as  well  as  data  migration  services. 

An  EMC  Centera  configured  with  4T  bytes  of  storage  capacity  starts 
at  $  148, 000.  ■ 


Here’s  how  companies  say  their  network  and  IT  spending 
this  year  will  compare  with  last. 
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Site:  Lessons  from  leading  users 

Under  pressure:  Pa.  county  upgrades  network  and  saves 


■  BY  CAROLYN  DUFFY  MARSAN 

When  Jack  Pond  joined  Montgomery 
County,  P&„  as  CIO  last  year,  he  faced  an 
immediate  network  crisis:  AT&T  could  no 
longer  support  the  county’s  aging  FDD1  metro¬ 
politan-area  network,  and  Fbnd  had  45  days  to 
upgrade  or  find  an  alternative  service  provider. 

This  summer,  Fbnd  will  finish  migrating  all  the 
county’s  voice  and  data  traffic  to  three  redundant, 
private  fiber-optic  rings  that  provide  Gigabit 
Ethernet  service.The  new  network  offers  22  times 
more  capacity  than  the  old  FDD1  network,  and 
Fbnd  estimates  the  county  will  save  $3.5  million 
over  five  years  by  combining  voice  and  data  over 
a  common  network  infrastructure. 

“I  don’t  know  of  any  other  county  in  the  U.S. 
who  has  gone  so  far  so  quickly”  in  terms  of  net¬ 
work  technology,  Fbnd  says. 

Since  1994,  Montgomery  County  —  which  is  20 
miles  west  of  Philadelphia  —  has  used  an  FDD1 
backbone  ring  to  connect  50  government  build¬ 
ings,  including  administrative  offices,  courts  and 
public  health  centers.  The  FDDI  network  was 
cobbled  together  using  a  hub-and-spoke  design 
that  included  T-l  and  T-3  links.  AT&T  was  under 
contract  to  manage  the  FDDI  network. 

“We  had  leased  these  services  from  another 


company  that  was  bought  out  several  times  and 
ended  up  with  AT&T,”  Fbnd  says.“AT&T  inherited 
us,  and  they  were  very  good  to  us.  They  contin¬ 
ued  to  support  us  after  our  contract  expired,  but 
finally  they  said  they  couldn’t  support  our  FDDI 
network  anymore.” 

AT&T  gave  the  county  18  months’  notice  that  it 
was  discontinuing  its  FDDI  support.  The  county 
issued  an  RFP  and  received  eight  responses. 

Pond’s  first  step  was  to  negotiate  a  six-month 
extension  from  AT&T. After  that,  the  county’s  FDDI 
network  would  be  shut  down,  he  agreed. 

Then  Fbnd  and  his  team  sat  down  with  the  pro¬ 
posals  to  find  a  reliable,  high-bandwidth  network 
to  support  online  applications  used  by  its  popu¬ 
lation  of  760,000. 

“This  was  a  very  successful,  low-cost  system 
with  relatively  high  bandwidth,”  Pond  says  of  the 
old  FDDI  network.“My  job  was  to  provide  some¬ 
thing  equally  good  at  the  same  cost.” 

Pond’s  top  priority  was  to  get  a  replacement 
network  in  quickly  to  provide  data  services  to  the 
3,600  county  employees.  Because  he  has  a  small 
IT  shop,  he  needed  the  new  network  to  be  easy 
to  manage,  redundant  and  self-healing. 

“We  also  wanted  the  network  to  be  scalable,  and 
we  wanted  to  be  able  to  integrate  it  with  schools 
See  Montgomery,  page  26 


Jack  Pond,  CIO  of  Montgomery  County,  and  his  team  saved  $3.5  million 
over  five  years  with  their  new  converged  network. 


■  Dell  is  offering  its  PowerEdge 
servers  with  Oracle  lOg  Database 
software  pre-loaded,  configured  and 
tested.  The  database  systems  also 
can  include  storage  on  Dell/EMC  and 
PowerVault  hardware.  Dell  executives 
say  the  pre-loaded  systems  will  let 
users  extend  the  use  of  Oracle  Real 
Application  Clusters  to  larger  grid 
deployments.  The  systems  are  opti¬ 
mized  for  Oracle  lOg  Database  and 
Oracle  lOg  Database  with  Real  appli¬ 
cation  Clusters  running  on  Red  Hat 
Linux.  Pricing  starts  at  $6,500.  Oracle 
Standard  Edition  One  is  also  now 
available  pre-loaded  on  Dell  Power- 
Edge  two-processor  2600  and  2650 
servers. 


■  Sun  and  Fujitsu  are  to  merge  their 
Sparc-based  server  product  lines  by 
2006,  expanding  a  long-standing  part¬ 
nership  between  the  two  companies, 
company  officials  said  last  week.  The 
new  combined  product  line,  code- 
named  Advanced  Product  Line,  will 
replace  Sun’s  and  Fujitsu's  Sun  Fire 
and  PrimePower  product  lines,  the 
companies  said.  Sun  and  Fujitsu  have 
collaborated  for  years  on  the  design  of 
the  UltraSparc  chip  architecture  used 
in  both  companies'  servers.  The 
announcement  is  an  “expansion  and 
acceleration"  of  a  20-year  strategic 
relationship  between  the  companies. 
Last  October,  the  two  companies  were 
reported  to  be  in  discussions  to  con¬ 
solidate  manufacturing  operations, 
with  talk  that  Fujitsu  would  take  over 
production  of  Sun’s  high-end  servers 
and  microprocessors. 


Sun  GT0  talks 
interconnects 

On  the  eve  of  Sun’s  quarterly  product  announce¬ 
ments  last  week,  Network  World  Senior  Editor 
Deni  Connor  spoke  with  Balint  Fleischer,  CTO 
for  Sun ’s  storage  division  about  the  company’s 
future  direction  for  a  number  of  popular 
server/storage  interconnects  and  I/O  products. 


Tell  me  about  Sun’s  InfiniBand  plans. 

Every  technology  has  its  high  priest  who  would  like  to  see  it  used  for 
everything.  When  we  started  our  InfiniBand  engagement,  we  saw  it  as  an 
I/O  channel  in  a  shared  environment,  like  blade  servers.The  other  plan 

See  Sun,  page  27 
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Commentary  on  last  month’s  Net- 
World+Interop  show  seemed  to  cite 
the  buzz  as  either  VoIP  or  wireless. 
From  my  perspective,  the  real  buzz  was  the 
combination  of  the  two  technologies  — 
VoIP  over  wireless  LANs. 

With  Vo  WLAN,  there  are  now  two  degrees 
of  separation  between  “native”  analog 
voice  and  the  current  state-of-the-art  offer¬ 
ings.  First,  the  voice  was  digitized  and  pack- 
etized  to  run  over  the  LAN.  Now  the  LAN  is, 
at  least  for  part  of  the  trip  —  a  wireless  one. 

There’s  no  doubt  that  the  Wi-Fi  based 
mobility  that  VoWLAN  delivers  is  essential 
to  driving  and  justifying  corporate  deploy¬ 
ment  of  both  technologies. Yet,  the  pace  of 
change  is  such  that  network  managers  are 
faced,  potentially  with  complex  decisions 


VoWLAN:  Two  degrees  of  separation 


about  VoWLAN  when  they  might  not  feel 
comfortable  with  “plain  old”VoIP 

When  VoIP  was  first  proposed  as  a  re¬ 
placement  for  PBX  systems,  we  worried 
about  a  lot  of  things.  Was  there  sufficient 
bandwidth?  Could  we  guarantee  voice 
quality?  Were  the  conversations  secure? 

As  it  turned  out,  we  had  little  reason  for 
concern.  Even  a  toll-quality  VoIP  call 
wouldn’t  even  consume  LOOK  bit/sec  —  or 
about  0.1%  of  a  Fast  Ethernet  connection. 
Congestion  on  the  campus  LAN  was  rare 
and  even  basic  two-queue  switches  typi¬ 
cally  could  provide  the  headroom  needed 
for  VoIP  While  most  sessions  were  unen¬ 
crypted,  the  nature  of  LAN  switches  make 
snooping  into  non-broadcast  traffic  diffi¬ 
cult  (though  possible). 

When  voice  is  carried  over  today’s  Wi-Fi 
networks,  though,  these  issues  arise  again. 
And  new  issues  emerge. 

The  networks  are  slower  (than  Fast  Ether¬ 
net), and  they  are  shared.Thus, degradation 
is  possible  and  quality  of  service  becomes 
more  than  a  theoretical  consideration. The 


broadcast  nature  of  wireless  makes  session 
security  a  big  item  and  Wired  Equivalent 
Privacy  Wi-Fi  Protected  Access  and  other 
initiatives  have  been  put  in  place  to 
address  this. 

Ultimately  the  key  technical  issue  is  roam¬ 
ing.  By  definition,  someone  on  a  Wi-Fi 
phone  is  likely  to  roam  from  access  point  to 
access  point  while  circulating  through  a 
building.  Roaming  “gaps”  measured  in  sec¬ 
onds,  which  might  be  acceptable  to  data 
applications,  will  negate  any  benefit  of 
using  Wi-Fi  voice  because  users  simply  will 
hang  up. 

All  this  takes  place  against  a  backdrop 
of  very  active  802.11  sub-committees 
no  doubt  diligently  working  on  vendor- 
neutral  solutions  to  these  and  other 
challenges. 

Even  where  standards  committees 
haven’t  finished  their  work,  a  variety  of 
pre-standard  methods  exist  to  overlay  VoIP 
on  wireless.  In  our  testing  practice,  we’ve 
seen  informal  and  formal  partnerships 
between  the  voice  providers  and  the 


WLAN  infrastructure  providers  to  illus¬ 
trate  these  capabilities. 

Yet, given  the  leading-edge  nature  of  tech¬ 
nologies  and  the  narrow  nature  of  most 
partnerships,  it  is  not  surprising  that  most 
enterprise  architects  aren’t  quite  sure  what 
works  with  what. 

To  remedy  this  situation,  at  least  in  part, 
we  plan  to  host  a  VoWLAN  Interoperability 
event  this  August  in  Boca  Raton,  Fla. 

We’ll  look  to  work  with  the  vendors  of 
both  the  switch  and  the  voice  infrastruc¬ 
ture  to  craft  a  series  of  interoperability  sce¬ 
narios  that  will  help  illustrate  what  type  of 
functionality  is  available  in  heterogeneous 
VoWLAN. 

Tell  me  what’s  uppermost  on  your  mind. 
I’ll  be  sure  to  feed  back  what  readers  tell 
me  —  and  keep  you  posted  on  what  we 
find  in  the  lab. 

Tolly  is  president  of  The  Tolly  Group,  a 
strategic  consulting  and  independent  t§Sng 
company  in  Boca  Raton,  Fla.  He  can  be 
reached  at  ktolly@tolly.com. 


Vendors  offer  tools  to  control,  secure  WLANs 


■  BY  JOHN  COX 

Newbury  Networks  and  ActivCard  re¬ 
spectively  this  week  will  roll  out  tools  to 
let  customers  better  manage  and  secure 
their  wireless  networks. 

Newbury  builds  on  its  current  location- 
based  security  product  to  create  a  new 
product,  called  WiFi  Workplace,  for  admin¬ 
istering  wireless  LANs  (WLAN).  ActivCard 
has  added  support  for  WLANs  to  its 
RADIUS  server,  a  move  that  lets  the  compa¬ 
ny’s  smart  card  authentication  tokens  be 
used  to  access  an  enterprise  wireless  net- 
work.The  announcements  are  expected  to 
be  made  at  the  Wi-Fi  Planet  conference  in 
Baltimore. 

WiFi  Workplace  incorporates  the  location 
algorithms  and  other  server  software  from 
the  current  WiFi  Watchdog  product,  along 
with  the  hardware  radio  sensors  that  are 
spread  over  a  site  to  monitor  signals  and 
pinpoint  a  client  device  or  access  point 
location  to  within  a  few  feet. 

Engineers  at  Newbury  crafted  new  Java 
code  to  add  WLAN  management  features 


More  online! 

Attend  Wireless  LANs:  Gaining  Strength,  Reaching 
Farther,  a  new  Network  World  Technology  Tour  event, 
it  brings  together  the  intelligence,  innovations,  and 
solutions  you  need  to  move  forward. 

DocFinder  2330 


Newbury's  WiFi  Workplace  collects  management  data  on  WLAN  clients  and  access  points,  and 
correlates  the  data  with  their  locations.  At  left,  tree  shows  breakdown  of  access  points  inside 
a  floor  of  an  office,  and  the  clients  attached  to  them.  At  right  in  view  of  AP  radio  coverage,  red 
shows  interference  along  one  office  wall. 


for  WiFi  Workplace.  The  sensors  still  collect 
802. 1 1  packet  data,  and  the  location  algo¬ 
rithms  still  associate  that  data  with  the  phys¬ 
ical  location  of  wireless  clients  and  access 
points.  But  that  data  now  can  be  stored  in  a 
bundled  MySQL  database  or  an  existing 
Oracle  database,  and  collated  and  ana¬ 
lyzed  via  a  new  management  GUI. 

A  map  shows  administrators  the  loca¬ 
tions  of  all  access  points  and  clients,  and 
which  clients  are  associating  with  which 
access  points.  Clicking  on  icons  and  se¬ 
lecting  sub-menus  shows  details  such  as 
channel  assignments,  bandwidth  use  and 
signal  strength. 

Also  new  is  support  for  virtual  LAN 
(VLAN)  tagging.  Once  WiFi  Workplace 
identifies  a  user’s  location  and  the  user  is 
authenticated,  it  can  pass  to  the  relevant 
access  point  the  appropriate  VLAN  tag  for 
that  user,  keeping  the  user  on  a  given  VLAN. 
So  VLAN  assignments  now  can  be  based 
on  a  user’s  location  and  identity 

The  location  awareness  also  lets  WiFi 
Workplace  restrict  a  user  to  access  points. 
If  a  user  moves  to  a  new  location,  he  can 
be  blocked  from  roaming  to  the  access 
points  there. 

Shipment  is  scheduled  for  September. 
Pricing  starts  at  $19,000,  for  10  sensors  and 
the  Workplace  software,  a  package  that  cov¬ 
ers  about  20,000  to  50,000  square  feet, 
according  to  Newbury  executives. 

ActivCard  is  best  known  for  the  software 
that  it  bundles  with  smart  cards,  USB  keys 
or  other  security  tokens.  Users  carry  the 
token  to  create  what’s  called  strong  authen¬ 
tication:  using  two  or  three  elements  to 
prove  and  confirm  their  identity  to  the  net¬ 
work,  such  as  a  combination  of  token,  pass¬ 
word  and  fingerprint. 

With  its  smart  card  products,  the  com¬ 


pany  also  offers  a  RADIUS  server  for  pass¬ 
word  authentication.  To  this  server,  it  has 
aded  new  code  to  support  802.1x-based 
WLAN  authentication  via  the  Extensible 
Authentication  Protocol  (EAP).The  soft¬ 
ware  supports  several  EAP  variations: 
Transport  Layer  Security,  for  client  and 
server  digital  certificates, as  part  of  public- 
key  infrastructure,  but  also  Cisco’s 
Lightweight  EAP  (LEAP);  and  both  the 
Microsoft  and  Cisco  versions  of  Protected 
EAP  (PEAP),  which  only  require  a  user- 
name-password  combination. 

Today,  for  WLAN  security,  corporations 


might  have  to  deploy  several  third-party 
products  and  a  RADIUS  server  if  they 
don’t  have  one  already.  ActivCard  execu¬ 
tives  say  their  software  lets  one  server 
handle  various  authentication  tech¬ 
niques  for  all  VPN,  WLAN  and  remote- 
access  users.  The  ActivCard  software 
links  directly  with  enterprise  directories 
such  as  Microsoft  Active  Directory  or 
SunOne  Directory. 

Pricing  for  the  ActivCard  server  software 
is  $50  per  user  for  100  users.To  activate  the 
new  WLAN  authentication  features,  cus¬ 
tomers  pay  an  additional  $5,000.  ■ 
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QWEST  iQ  NETWORKING  BRINGS  RADICAL  SIMPLICITY 
TO  NETWORK  MANAGEMENT. 


You  can  dream  up  any  number  of  ways  to  put  your  Qwest,  that  second  part  can  be  every  bit  as  easy  as 
network  to  good  use.  That's  the  easy  part.  Then  you-  the  first  part.  Just  tell  us  what  kind  of  performance 
have  to  figure  out  how  to  make  it  work— get  all  your  you  need  to  enable  your  business  applications, 

vendors  in  sync,  redefine  roles,  eliminate  that  capital  and  we'll  make  sure  you  get  it.  On  your  terms, 

expense  roadblock,  reconfigure  interconnections,  Guaranteed.  So  call  to  find  out  more  about  a  network 

etc.,  alt  while  supporting  your  time-sensitive  apps  that’s  tuned  to  your  needs.  And  start  dreaming  up 

and  ensuring  the  security  of  your  network.  But  with  new  stuff  to  do  with  your  network. 


or  visit  qwest.com/networksolutions 
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Spirit  of  Service 


VOICE  S  Q  IONS  DATA  SOLUTIONS  INTERNET  SOLUTION  S  MANAGED  SO  L  U  T  !  ON  S/j 
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Q west  0  Networking7":  Qwest  iQ  Networking  is  a  suite  of  WAN  services  with  domestic  and  international  availability  depending  on  services  selected.  Recurring  fees  vary  depedding/- 
es  ordered  Additional  equipment  may  be  required.  All  trademarks  are  the  property  of  Qwest  Communications  International  Inc.  ©2004  Qwest.  All  rights  reserved//': '■> 
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l  essons  from  Leading  Users 


Montgomery 

continued  from  page  21 


and  community  colleges  in  the  future.  We 
wanted  to  be  able  to  incrementally  en¬ 
hance  it,”  Bond  says.  “We  also  needed  24-7 
monitoring  and  service.” 

When  Pond  and  his  team  reviewed  the 
eight  proposals,  they  couldn’t  find  one 
that  met  all  of  their  needs.  Instead,  they 
made  partial  awards  to  multiple  vendors 
and  serve  as  their  own  prime  contractor. 

Bond’s  team  awarded  five  contracts  for 
the  network: 

•  Sunesys  provides  the  backbone,  which 
consists  of  385  miles  of  leased  fiber. 

•  Nortel  supplies  voice  and  data  net¬ 
work  equipment. 

•  Commonwealth  Communications 
provides  network  integration  and  moni¬ 
toring  services. 

•  AT&T  selves  as  ISP 

•  Verizon  supports  voice  services. 

One  benefit  of  this  strategy  is  that  Mont¬ 
gomery  County  is  no  longer  dependent 
on  one  vendor  to  provide  a  total  solution. 

Montgomery  County  uses  one  gigabit 
link,  but  can  increase  to  40  gigabits  with 
the  fiber  it  leases.The  first  fiber-optic  ring 
was  lit  in  February  By  April,  all  data  traffic 
was  moved  to  the  new  network. 

“We  primarily  kept  the  same  points  of 
presence  on  our  net, but  we  increased  the 
bandwidth,  and  our  services  are  much 
better" says  Ken  Kopp,  director  of  network 


Monfco  on  the  go 

With  an  aging  FDDI  network  due  to  be  shut  down,  Montgomery  County  pulls  off  a  successful  —  and 


O  By  installing  multiple  fiber  rings  instead  of  a  hub- 
and-spoke  network  design,  Montgomery  County 
was  able  to  significantly  improve  the  reliability  of 
its  data  network  and  avoid  single  points  of  failure. 


©  Montgomery  County’s  new  network  supports 
3,600  people  and  connects  more  than  50  sites, 
although  16  of  the  sites  in  the  county’s  seat  in 
Norristown  represent  95%  of  the  traffic. 


©  The  Nortel  switches  allow  Montgomery 
County  to  support  both  data  and  voice 
over  a  converged  backbone,  with  savings 
projected  at  $125,000  per  month. 


services  for  Montgomery  County 
If  the  county  could  have  kept  its  FDDI 
data  network  and  separate  voice  services 
going,  it  would  have  cost  an  estimated 
$1 1.2  million  over  the  next  five  years. The 
new  converged  network  has  an  estimated 
cost  of  $7.7  million  over  the  next  five 
years.  That  adds  up  to  $3.5  million  in  sav¬ 


ings  over  five  years.  Most  of  the  savings 
comes  from  reduced  voice  charges. 
Montgomery  County  expects  to  save 
$125,000  per  month  in  telephone  charges. 

“By  providing  voice  services  between 
our  primary  buildings,  we  have  cut  our 
voice  charges  in  half,”  Fond  says. 

The  county’s  voice  traffic  now  is  being 


migrated  to  the  new  network.  New  Nortel 
handsets  are  being  installed,  and  employ¬ 
ees  are  being  trained  on  how  to  use  them. 

Montgomery  County  will  have  a  converg¬ 
ed  voice/data  network  when  the  upgrade 
is  done,  but  it  won’t  run  VoIP  “We  didn’t  feel 
VoIP  was  ready  in  terms  of  simplicity  of 
management  or  reliability  Bond  says.  ■ 
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we  had  was  to  use  it  as  a  cluster  inter¬ 
connect  to  build  Oracle  or  DB2  clusters. 
The  third  was  to  use  it  as  an  embedded 
application  to  build  scalable  storage  sys¬ 
tems.  Our  blade  server  is  a  little  slower 
coming  to  market  than  we  had  hoped  — 
it  has  InfiniBand  on  the  backplane.  We 
are  using  InfiniBand  for  clustering,  and 
we  announced  a  relationship  with 
Voltaire  and  TopSpin  to  deliver  high-per¬ 
formance  technical  computing  solutions 
using  InfiniBand. 

You  are  talking  about  using  InfiniBand  with 
PCI-Express  enabled  servers,  not  as  natively 
enabled  servers? 

PCI-Express  is  an  interesting  technol¬ 
ogy  because  it  blurs  the  difference 
between  native  and  non-native  I/O. 
HyperTransport  does  the  same  thing. The 
primary  architecture  problem  is  to  open 
up  the  path  from  the  memory  of  the 
server  right  into  the  I/O  channel.  PCI- 
Express  and  HyperTransport  reopen  the 
channel  so  you  have  the  effective  band¬ 
width  required. 

When  will  Sun  be  introducing  PCI-Express 
based  servers? 

Our  future  CPUs  will  have  PCI-Express 
on  them.  Obviously  because  of  the 
[Advanced  Micro  Devices]  Opteron  rela¬ 
tionship  we  are  looking  at  Hyper¬ 


Transport,  too.  PCI-Express  and  Hyper¬ 
Transport  are  very  contemporary  tech¬ 
nologies  that  let  you  deliver  much 
greater  bandwidth  than  what  you  could 
do  with  extended  I/O  buses. 

What  about  iSCSI? 

That’s  a  little  bit  special.Two  years  ago  I 
went  public  and  said  that  iSCSI  has  all 
sorts  of  problems  both  from  a  value 
proposition  perspective  and  from  a  tech¬ 
nological  perspective.  History  proved  I 
was  correct.  ISCSI  is  taking  hold  in  the 
low  end.  On  the  initiator  side,  the  compa¬ 
nies  who  are  developing  iSCSI 
[adapters]  are  not  doing  well.Trebia  and 
iReady  already  went  under. The  reason  is 
that  iSCSI  [adapters]  are  expensive. 
Customers  don’t  want  to  buy  a  $2,000 
server  and  a  $1,000  [adapter] .  ISCSI 
became  a  software  implementation  run¬ 
ning  on  a  standard  Ethernet  adapter.  It 
was  like  a  free  [adapter] ,  if  you  wish. 

Are  you  saying  that  people  were  downloading 
the  Microsoft  iSCSI  driver  and  putting  it  on  an 
inexpensive  Gigabit  Ethernet  adapter? 

That’s  right.  Sun  is  also  coming  out  with 
a  Solaris  iSCSI  [driver] .  ISCSI  is  going 
through  a  transition  and  is  going  to  be 
based  on  iSER  [iSCSI  Extensions  for 
Remote  Direct  Memory  Access],  which  is 
related  to  the  RDMA  over  Uncalled  iSCSI 
2.The  dirty  little  secret  in  the  industry  is 
that  iSCSI  is  changing,  and  it’s  not  clear 
how  the  backward-compatibility  will  be 
yet.  It’s  going  to  be  a  while  before  iSCSI  is 
going  to  be  credible  enough  for  Sun  to 
deploy  it. 


What  about  disk  technologies  like  Serial 
Advanced  Technology  Attachment9 

Serial  ATA  is  on  our  horizon.  We  an¬ 
nounced  that  we  will  have  a  product  this 
year. You  will  see  a  product  [this  month]. 
We’ve  talked  about  needing  different 
classes  of  storage,  some  of  which  are  opti¬ 
mized  for  performance  and  availability 
and  the  other  for  low  cost  and  a  different 
type  of  availability  If  you  think  of  informa¬ 
tion  life-cycle  management,  it’s  very  im¬ 
portant  to  be  able  to  assign  different  cost 
and  performance  metrics  for  the  data. 

What  do  you  think  is  going  to  win  out  as  the 
standard  for  cluster  interconnects? 

People  tend  to  think  about  clusters  as 
for  one  type  of  application  or  another. 
Some  applications  have  great  tolerance 
for  latency  and  some,  like  databases, 
don’t  have  any  tolerance  for  latency  The 
reason  you  want  to  run  an  application  in 
a  cluster  is  because  you  believe  an  appli¬ 
cation  can  be  broken  down  into  parallel 
executable  chunks.You  can  take  the 
chunks  and  run  them  on  different  com- 
puters.The  size  of  the  chunk  or  thread 
defines  the  maximum  latency  you  can 
have  for  synchronization. The  smaller  the 
chunk  means  it  can  be  put  onto  larger 
amounts  of  servers.  Customers  need  to 
analyze  the  behavior  of  their  applica¬ 
tions.  Database  clusters  will  focus  on 
InfiniBand.Technical  compute  clusters 
will  depend  on  InfiniBand,  Myricom  or 
Quadrics. 

What  about  10G  Ethernet  as  a  cluster 


interconnect? 

10G  Ethernet  with  RDMA  will  be 
harder  to  do  than  people  envision.  We 
are  keeping  track  of  start-up  companies 
that  are  doing  this  like  S2IO  and 
NetEffect.The  picture  that  is  emerging  is 
that  10G  Ethernet  with  RDMA  will  be 
deployable  in  late  2005,  early  2006. 10G 
Ethernet  has  an  internal  latency  of  250 
microsec;  InfiniBand  has  a  4-microsec 
latency  It's  quite  possible  that  Ethernet 
can  take  over  in  an  area  where  latency  is 
not  that  critical. 

The  other  interesting  fact  is  that  as 
computers  get  faster  and  faster,  the  la¬ 
tency  tolerance  will  decrease.There 
may  be  demand  in  the  future  for  lower- 
latency  technologies. The  fat  lady  hasn’t 
sung  yet. 

Fibre  Channel  also  has  an  interesting 
opportunity  against  Ethernet.  Server  cus¬ 
tomers  don’t  want  to  buy  $1,000  adapt¬ 
ers  for  a  $2,000  server  because  there  are 
other  technologies  that  are  good 
enough.  Linux  on  Opteron  is  good 
enough.  RDMA  over  10G  Ethernet  is 
going  to  be  very  expensive.  Customers 
associate  Ethernet  with  a  very  low  price 
point.  On  the  other  side  in  the  Fibre 
Channel  space,  we’re  talking  $1,000  to 
$2,000  per  adapter,  which  has  forced 
Fibre  Channel  vendors  to  innovate.The 
lack  of  a  pricing  umbrella  for  10G  Ether¬ 
net  doesn’t  allow  them  to  innovate.  In 
the  Ethernet  adapter  space,  most  of  the 
effort  was  on  cost  reduction  rather  than 
innovation.  I  don’t  know  if  10G  Ethernet 
can  get  traction  in  the  market  because  of 
the  lack  of  the  pricing  umbrella.® 
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When  business  losses  are  measured  in  seconds, 
preemption  beats  “reaction  ”  every  time. 
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ISS  PREEMPTS  THE  THREAT.  OTHERS  REACT  TO  IT. 


The  only  effective  security  is  preemption.  This  preemptive  power  is  only  available  with  the  Proventia7"  Security  Platform  from  Internet 
Security  Systems.  When  software  security  flaws  are  discovered,  Internet  Security  Systems’  world-renowned  research  team  updates  Proventia 
to  immediately  shield  against  any  attacks  targeting  weak  spots.  Regardless  of  the  size  of  your  business,  this  new  standard  in  Internet 
security  can  help  keep  you  off  the  path  to  disaster  and  reduce  your  total  cost  of  ownership  -  In  fact,  when  we  manage  Proventia  for  you, 

we’ll  even  guarantee  protection.  Need  proof?  Get  your  free  whitepaper,  Preemptive  Protection:  Setting  a  New  Standard  in  Security,  at 
www.iss.net/proof/whitepaper  or  call  800-776-2362. 
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ADVERTISEMENT 


"Our  goal  in  information  systems  is  to  leav# 
behind  an  organization  that's  more  efficient 
than  when  we  arrived."  —  Sue  simonett 


Sue  Simonett 
Senior  Director  of  IS 

General  Mills,  Inc. 

Minneapolis,  Minnesota 

Sue  Simonett  has  always  worked  in 
Information  Systems  (IS),  a  career  she  loves 
both  for  the  strategic  view  it  has  afforded  as 
well  as  the  ability  to  positively  impact  the 
lives  of  end  users. 

Recently  charged  with  reinventing  the  way 
that  a  sales  force  of  450  retail  reps  man¬ 
aged  their  numerous  product  lines,  she's 
implemented  an  ingenious  handheld  sys¬ 
tem  that  brings  technology  to  the  front 
lines  of  the  company. 

Using  a  stylus  and  a  handheld  mobile 
device,  sales  reps  now  electronically  record 
product  information  while  in  the  store.  Gone 
are  the  days  of  messy  paper  logs  and 
evenings  spent  keying  the  day's  data  into  a 
laptop  for  downloading  to  corporate.  At  the 
end  of  each  day,  the  rep  simply  places  the 
device  in  a  cradle  and  the  data  is  sent 
directly  from  the  handheld.  The  results:  sales 
reps  that  can  handle  more  products  with 
fewer  errors,  and  get  the  right  products  to 
the  right  shelves  faster. 

Great  Moment  at  Work:  "My  first  ware¬ 
house  management  system,  start-up  day. 
We  designed  a  top  notch  system  that  total¬ 
ly  reengineered  the  business  and  it  was 
really  gratifying  when  everything  fell  right 
into  place." 

Microsoft  Office  System  salutes  those  who 
have  done  great  work  in  the  IT  field. 


Great  Moments  at  Work. 

Success  Stories  of  an  IT  Hero 


©  2004  Microsoft  Corporation.  All  rights  reserved.  Microsoft  and  the  Office  logo  are  either  registered  trademarks  or  trade¬ 
marks  of  Microsoft  Corporation  in  the  United  States  and/or  other  countries.  The  names  of  actual  companies  and  products 
mentioned  herein  may  be  the  trademark  of  their  respective  owners. 


Microsoft* 

Office 


TM 


www.nwfusion.com 

6/7/04 

NetworkWorld 

29 

■  PORTALS  ■  MESSAGING/GROUPWARE 

■  E-COMMERCE  ■  SECURITY 

■  MIDDLEWARE  ■  DIRECTORIES 

■  NETWORK  AND  SYSTEMS  MANAGEMENT 

■  WEB  SERVICES 


Google  upgrades  search  appliance 


■  BY  ANN  BEDNARZ 


Google  last  week  released  a  new  ver¬ 
sion  of  its  enterprise  search  product,  an 
appliance  built  with  the  same  code  base 


Takes 


■  The  JBoss  application  server  and 
MySQL  database  got  a  boost  from 
HP  last  week  when  the  computer 
company  said  it  would  offer  technical 
support  for  the  two  open  source  pro¬ 
jects.  HP  has  entered  into  partnership 
agreements  with  The  JBoss  Group 
and  MySQL  Under  the  deals,  JBoss 
and  MySQL  will  be  tested  and  certi¬ 
fied  for  use  on  HP's  ProLiant  and 
Integrity  servers  via  the  HP  Partner 
Program.  HP’s  support  organization 
also  has  been  trained  to  handle  sup¬ 
port  calls  covering  JBoss  and  MySQL, 
which  gives  customers  one  point  of 
contact  for  technical  support  effec¬ 
tive  June  1,  HP  said.  The  deal  will 
make  things  easier  for  users  in  large 
companies  who  want  to  implement 
the  two  open  source  products,  and  it 
will  help  expand  the  pool  of  open 
source  users. 

■  F5  Networks  last  week  bought 
MagniFire  WebSystems,  a  maker 
of  Web  application  firewall  hardware, 
for  $29  million  in  cash,  F5  said.  The 
company  will  add  MagniFire’s 
TrafficShield  security  appliance  to 
its  Application  Traffic  Management 
architecture,  letting  companies  spot 
attacks  on  Web-based  applications, 
F5  said.  TrafficShield  is  a  rack¬ 
mounted  security  appliance  that 
scans  incoming  HTTP  Web  traffic 
for  evidence  of  attacks  or  suspicious 
activity.  The  product  can  spot  a  long 
list  of  potential  threats  to  Web-based 
applications  and  services,  including 
denial-of-service  attacks.  In  related 
news,  F5  on  Monday  unveiled  a  new 
version  of  the  FlrePass  Con¬ 
troller.  The  new  version  of  FirePass 
adds  support  for  clients  running  on 
Apple's  Macintosh  operating  system 
and  on  Linux. 


and  content-crawling  technology  as  the 
software  that  runs  the  company’s  public 
Webwide  search  site,  Google.com. 

The  Google  Search  Appliance  is  a  sim¬ 
ple  engine  designed  to  help  companies 
manage  their  internal  and  external  con¬ 
tent  without  a  lot  of  headaches.lt  installs 
quickly  and  can  handle  1.5  million 
documents,  which  is  five  times  its  prede¬ 
cessor’s  capacity,  according  to  Dave 
Girouard,  general  manager  of  the  enter¬ 
prise  group  at  Google.  It’s  also  faster: 
Google  increased  the  appliance’s  query 
performance  fivefold,  from  60  queries 
per  minute  to  300  queries  per  minute, 
he  says. 

The  appliance  is  the  first  major  upgrade 
of  Google  Search  Appliance,  which  de¬ 
buted  in  2002.  Back  then,  the  company  also 
offered  enterprise  customers  a  hosted 
search  service,  giving  companies  a  choice 
to  deploy  their  own  Google  appliance  or 
let  Google’s  service  run  the  search  engine 
for  their  sites. 

But  the  company  no  longer  offers  its 
hosted  search  service,  Girouard  says.  The 
appliance  gives  users  tighter  control  over 


Google’s  Search  Appliance  can  index 
1.5  million  corporate  documents  and 
process  300  queries  per  minute. 


which  content  is  crawled  and  indexed 
than  the  service  did,  and  better  reporting 
features  for  tracking  usage,  he  says. 

To  save  bandwidth,  Google  Search 
Appliance  now  operates  in  a  continuous 
crawl  mode  and  only  indexes  content  that 
has  been  altered  since  the  last  index. 
Earlier  versions  re-indexed  all  content,  in 
batches,  Girouard  says. 

Google  worked  to  improve  security  in  the 
appliance.  The  earlier  version  offered  sup¬ 
port  for  Microsoft’s  NTLM  authentication 
technology  The  appliance  adds  single  sign- 
on  support.  Before  the  appliance  serves 
search  results  to  a  user,  it  validates  the 
user’s  authority  to  view  content  sources, 
Girouard  says. 


The  field  of  vendors  offering  enterprise 
search  technology  is  large.  Google’s  com¬ 
petition  includes  specialized  search  ven¬ 
dors  such  as  Autonomy  Convera,  Endeca, 
iPhrase  and  Verity.  Business  software  mak¬ 
ers  such  as  Oracle  and  SAP  also  offer 
search  applications. 

Google’s  brand  recognition  makes  its 
appliance  a  popular  entry  on  enterprise 
shortlists,  according  to  Whit  Andrews,  a 
research  director  at  Gartner.“Its  low  price, 
term  license  and  simple  deployment 
models  are  best  used  in  tactical  external 
or  intranet  installations  where  content 
need  not  be  indexed  directly  from 
dynamic  repositories,”  Andrews  wrote  in 
an  evaluation  of  the  enterprise  search 
market  Gartner  published  last  month. 

Where  the  Google  appliance  falls  short  of 
some  of  its  more  sophisticated  competi¬ 
tion  is  in  its  relevancy  analysis  of  queries 
and  document  structure  semantics,  ac¬ 
cording  to  Andrews. 

The  upgraded  Google  Search  Appliance 
is  a  2U  Intel  architecture  server  running 
Linux.  (The  earlier  version  was  1U.)  Pricing 
starts  at  $32,000.  ■ 


Start-up  picks  up  bad  behaviors 

Intrusion-prevention  software  fends  off  memory-based  attacks. 


■  BY  ELLEN  MESSMER 

Start-up  Determina  makes  its  debut  this 
week  with  server-based  intrusion-preven¬ 
tion  system  software  that  blocks  attacks  — 
such  as  buffer  overflows  often  seen  with 
computer  worms  such  as  Blaster  and 


Sasser  —  that  can  compromise  corporate 
computers. 

The  IPS,  called  SecureCore,  runs  on  all 
variants  of  Windows-based  servers,  and 
Determina  also  is  developing  versions  of 
its  IPS  for  Linux  and  Windows  desktops. 

The  start-up  competes  against  Sana 


Security,  Network  Associates  with  its 
Entercept  software  and  Cisco  with  its 
Security  Agent,  which  is  based  on  the 
StormWatch  software  it  gained  with  the 
Okena  acquisition  last  year.  Start-up  PivX 
introduced  host-based  IPS  in  March. 

Determina’s  behavior-blocking  technol¬ 
ogy,  dubbed  Memory  Firewall,  is  derived 
from  years  of  research  at  Massachusetts 
Institute  of  Technology,  according  to  CEO 
and  co-founder  Nand  Muchandani.  He 
says  Determina’s  SecureCore  software 
works  by  recognizing  what  are  called 
“memory-based"  attacks  against  Windows 
servers  and  blocking  them  automatically 
without  having  to  configure  for  specific 
policies  or  add  signature-based  updates. 

“These  memory-based  attacks,  such  as 
buffer  overflows,  corrupt  memory’  he  says. 
“We’ve  seen  this  with  Sasser  and  B Lister" 
The  worms  exploited  unpatched  computer 
systems  to  compromise  machines. 

SecureCore  doesn’t  guard  against  other 
types  of  attacks,  such  as  denial-of-service. 
cross-site  scripting  or  privilege  escalation, 
See  Intrusion-prevention,  page-  33 
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Product: 

Funding: 


Fun  fact: 


Nand  Muchandani,  CEO;  Saman  Amarsinghe,  CTO  (plus  several  of 
his  Ph.D.  students  at  MIT  where  Amarsinghe  is  associate  professor 
in  Computer  Science);  Sandy  Wilbourn,  vice  president  engineering. 

Memory  Firewall,  intrusion-prevention  software  forWindows  servers. 

$19  million  from  BessemerVenture  Partners,  Mayfield  and  U.S. 
Venture  Partners.  _ _ _ _ 

Determina's  core  technology  is  said  to  be  based  on  eight  years  of 
research  at  MIT  and  HP. 
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ENTERPRISE-CLASS 
REMOTE  ACCESS  GIVING  YOU 
AN  ENTERPRISE-CLASS 
HEADACHE? 

RELIEF  IS  ON  THE  WAY. 


Manage  all  your  remote-user  stress  away — with  simplicity,  security,  and  savings. 
Now,  no  matter  what  type  of  remote  user  you're  supporting — from  the  road  warrior 
to  the  receptionist — you  can  ease  the  pain.  Thanks  to  GoRemote.  Recently  named 
"a  visionary  market  leader"  by  Gartner,  GoRemote  streamlines  mobile,  teleworker, 
and  branch-office  connectivity  for  over  1,700  enterprise  customers  worldwide. 
Our  GoRemote  Global  Network™  is  the  world's  largest  and  eliminates  the  security 
concerns,  expense  issues,  and  hassle  factors  plaguing  your  accessible-from- 
anywhere  enterprise.  Don't  take  our  word  for  it.  See  what  Gartner  says.  Download  the 
white  paper  "U.S.  Managed  Remote-Access  1H04:  Leaders,  Visionaries"  today — 
and  start  putting  yourself  back  in  control  once  and  for  all.  www.GoRemote.com 
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DataPower,  Reactivity  add 
to  their  XML  security  line 


■  BY  JOHN  FONTANA 

Amid  the  growing  corporate  interest  in  Web  ser- 
vices-based  infrastructures,  DataPower  and  Reactiv¬ 
ity  this  week  will  introduce  upgrades  designed  to 
help  users  boost  XML  security 

DataPower  will  ship  Version  3.0 
of  the  firmware  for  its  XS40  XML 
Security  Gateway  and  XA35  XML 
Accelerator.  The  upgrade,  de¬ 
signed  to  make  DataPower  appli¬ 
ances  simpler  to  configure  and 
manage,  adds  enhancements  to 
XML  schema  validation,  XPath 
queries  for  field-level  security 
and  boosts  security  for  XML  mes¬ 
sages  with  attachments. 

Reactivity  will  release  Gateway 
D,  a  desktop  appliance  that  deliv¬ 
ers  an  XML  firewall  test  environ¬ 
ment  for  developers,  and  Gate¬ 
keeper,  a  free  software  plug-in  for 
application  or  Web  servers  that 
prevents  unauthorized  access  to  Web  services  from 
within  the  internal  corporate  network.  The  Gate¬ 
keeper  works  with  Reactivity’s  XML  Firewall,  a 
perimeter  appliance  that  controls  external  access 
and  blocks  malicious  attacks. 

“Users  can  have  internal  attacks  on  Web  services 
just  like  they  can  have  attacks  from  the  outside,” says 
Randy  Heffner,  an  analyst  with  Forrester  Research. 
Typically  those  attacks  take  the  form  of  malformed 
messages  or  malicious  XML  code  inserted  into  mes¬ 


sages  that  are  based  on  the  Simple  Object  Access 
Protocol  (SOAP). “The  Gatekeeper  gives  you  security 
capabilities  for  the  application,  and  there  is  no  way 
a  rogue  message  can  get  in,”  he  says. 

The  Gatekeeper  ensures  that  the  Reactivity  XML 
Firewall  has  issued  a  valid  secur¬ 
ity  assertion,  based  on  the 
Security  Assertion  Markup 
Language  (SAML),  and  included 
a  digital  signature  on  every  SOAP 
message.  The  Gatekeeper  works 
with  other  SAML-enabled  autho¬ 
rization  engines  such  as  those 
from  IBM  Tivoli,  Netegrity  Oblix 
and  RSA  Security  and  with  Web 
services  management  products 
from  Actional  and  Amberpoint. 

The  Gateway  D  desktop  appli¬ 
ance  supports  HTTP  XML,  RPC 
requests  and  parameter  passing, 
and  Web  services  standards  WS- 
Security  1.0  and  SAML  1.0  and 
1.1.  It  lets  companies  use  a 
Reactivity  XML  Firewall  during  application  devel¬ 
opment  without  having  to  purchase  a  $50,000 
license.  Gateway  D  costs  $5,000. 

DataPower  is  linking  its  security  hardware  appli¬ 
ance  with  application  development  environments. 
The  3.0  firmware  will  include  integration  with  the 
Eclipse  open  source  development  suite  and  IBM 
WebSphere  Studio. 

DataPower  and  Reactivity  products  compete 
with  Westbridge  Technology  Vordel  and  Sarvega.  ■ 


XML  traffic 
report 

XML  will  account  for 

35% 

of  LAN  traffic  by  2007, 
equal  to  the  amount  of 
HTTP,  e-mail  and 
instant-messaging 
traffic  combined, 
according  to  ZapThink. 


Netegrity  updates 
eProvision  product 


■  BY  PAUL  ROBERTS 

Identity  management  software 
company  Netegrity  last  week 
unveiled  IdentityMinder  eProvi¬ 
sion  4.0,  with  improved  work- 
flow  features  that  let  administra¬ 
tors  create  and  manage  policies 
for  extending  or  curtailing  user 
access  to  network  resources 
and  applications. 

The  software  is  the  first  major 
release  of  the  eProvision  prod¬ 
uct  since  Netegrity  purchased 
provisioning  company  Business 
Layers  in  December  2003,  says 
Randy  Fuller,  product  marketing 
manager  at  Netegrity 

Netegrity  has  added  a  work- 
flow  engine  to  eProvision  4.0 
that  includes  a  GUI  that  lets  ad¬ 
ministrators  use  “drag  and  drop” 
features  to  build  workflow  pro¬ 
cesses,  such  as  creating  a  series 
of  actions  needed  to  change  a 
user’s  access  to  network  re¬ 
sources.  Earlier  versions  required 
administrators  to  write  scripts  to 
create  new  processes,  Fuller  says. 

With  a  feature  called  “intelligent 
workflow  process,”  eProvision  4.0 
lets  multiple  workflow  tasks  take 
place  simultaneously  rather  than 


requiring  one  task  to  be  com¬ 
plete  before  another  can  begin, 
Netegrity  says. 

Together,  the  changes  are  in¬ 
tended  to  make  eProvision  more 
enticing  to  enterprise  customers 
looking  for  ease  of  use  and  solid 
administration  features,  he  says. 

A  number  of  factors  are  driving 
interest  in  user  provisioning  tech¬ 
nology  which  makes  it  easier  to 
manage  access  to  resources  on  a 
company’s  network.  Companies 
want  to  extend  access  to  a  range 
of  users,  from  employees  to  cus¬ 
tomers  and  business  partners, 
and  a  diverse  range  of  applica¬ 
tions,  including  internal  and  Web- 
based  external  applications. 
Companies  are  anxious  to  com¬ 
ply  with  new  regulations  govern¬ 
ing  information  privacy  including 
the  Sarbanes-Oxley  Act  of  2002, 
which  mandates  that  companies 
maintain  strict  control  over  their 
financial  systems,  Netegrity  says. 

The  newest  version  of  eProvi¬ 
sion  is  due  out  this  month  and 
costs  about  $30  per  user. 

Roberts  is  a  correspondent  with 
the  IDG  News  Services  Boston 
bureau. 
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I  have  a  cell  phone,  you  don’t  have  the 
number,  and  I  want  to  keep  it  that  way 
But  if  some  of  the  good  people  in  the 
cellular  phone  industry  have  their  way,  I 
soon  might  have  to  pay  for  the  privilege  of 
privacy  in  this  case,  just  like  1  have  to  in 
other  dealings  with  the  phone  world. 

New  reports  surfaced  at  the  end  of  May 
that  the  Cellular  Telecommunications  & 
Internet  Association  (CTIA)  was  develop¬ 
ing  a  directory  that  would  include  listings 
for  about  75%  of  the  164,424,519  million 
US.cell  phones.  (The  number  comes  from 
www.ctia.org  and  was  current  on  May  31  at 
3  p.m.  EDT) 


Maintaining  general  unreachability 


Steve  Largent,  president  of  the  CTIA,  was 
quoted  as  having  said:“This  system  will  pro¬ 
vide  consumers  an  opportunity  to  opt  in,  if 
they  choose.”  Pardon  me  for  scoffing. 

The  chance  of  the  CTIA  getting  more 
than  120  million  people  to  individually 
authorize  it  to  include  their  cell  phone 
number  in  the  directory  is  small.  Largent  is 
being  disingenuous  at  best.  Almost  all  the 
authorizations  that  he  seems  to  be  refer¬ 
ring  to  are  buried  in  the  fine  print  deep 
inside  the  contracts  we  have  to  sign  (and 
are  not  permitted  to  modify)  when  we  get 
cell  phone  services.  Hardly  the  individual 
“opt  in”  that  Largent  implies. 

The  phone  companies  have  dealt  with 
this  sort  of  thing  before.They  have  a  simple 
answer:  Make  the  customer  pay  It  costs  me 
$  1 .2 1  per  month  to  not  have  the  number  of 
my  fax  machine  listed  in  the  printed 
Verizon  white  pages  directory  It  would  cost 
an  additional  fee  not  to  have  the  number 


handed  out  to  people  who  call  directory 
information. 

Because  the  CTIA  is  not  likely  creating 
this  directory  out  of  the  goodness  of  its 
heart,  the  group  must  have  a  business 
model  in  mind.  Because  this  is  a  major  pro¬ 
ject,  one  would  think  there  would  be  infor¬ 
mation  about  it  on  the  CTIA  Web  site.  But 
the  only  mention  I  can  find  is  in  an  article 
titled  “Wireless  directory  brings  up  privacy 
issues”  on  the  “daily  news”  page  for  May  20. 
This  article  mentions  that  Rep.  Joseph  Pitts 
(R.-Pa.)  introduced  a  bill  to  block  the 
inclusion  of  cell  numbers  in  directories  for 
people  who  have  not  actually  authorized  it 
and  mentions  that  Verizon  said  it  would  not 
adhere  to  such  a  rule,  which  means  I  do 
not  have  to  worry  about  the  threat  for 
myself  —  yet. 

One  business  model  would  be  to  extort 
money  from  people  who  did  not  want  to 
be  included.  Press  reports  say  that  the  CTIA 


says  this  will  not  happen,  but  I  haven’t 
found  where  the  group  directly  says  that.  I 
wonder  what  the  business  model  is.  How 
the  phone  industry  deals  with  this  direc¬ 
tory  may  foretell  what  will  happen  with 
Enum.  Enum  is  an  IETF  technology  that 
will  be  used  to  map  phone  numbers  into 
Internet  URLs  (see  nww.nwfusion.com, 
DocFinder:  2325). There  are  a  lot  of  poten¬ 
tial  uses  for  Enum. 

This  situation  with  the  CTIA  is  another 
case  where  customer  opt-in  will  be  vital  for 
preserving  privacy  It  would  be  nice  if  the 
“opt  in”  actually  meant  it.  We’ll  see  if  CTIA 
can  understand  the  concept. 

Disclaimer:  Developing  and  understating 
concepts  is  the  raison  d'etre  for  a  place  like 
Harvard,  but  this  observation  is  my  own. 

Bradner  is  a  consultant  with  Harvard 
University’s  University  Information  Systems. 
He  can  be  reached  at  sob@sob.com 


Intrusion-prevention 

continued  from  page  29 

Muchandani  adds. 

Determina’s  assertion  that  SecureCore  easily  can  be 
added  to  the  server  to  safeguard  unpatched  computers 
is  a  claim  borne  out  by  some  security  managers  who 
have  tested  the  IPS. 

“You  put  the  disk  in,  say ‘accept,’ and  then  re-boot  the 
machines,  and  that’s  it,”  says  Michael  Kamens,  global 
network  and  security  manager  at  Thermo  Electron,  a 
global  laboratory  equipment  manufacturer  in  Wal¬ 
tham,  Mass.,  which  has  been  testing  Determina’s  soft¬ 
ware  for  the  past  three  months. 


Kamens  says  he  installed  SecureCore  on  15  servers 
left  unpatched  and  near  the  firewall’s  access  to  the 
Internet  to  see  if  SecureCore  could  recognize  and 
block  attacks  without  registering  false  positives. 

“It  blocked  Sasser,” says  Kamens,  alluding  to  the  worm 
that  spread  a  few  weeks  ago  and  infected  unpatched 
Microsoft-based  computers  across  the  world.  He  said 
he  has  gained  enough  confidence  in  SecureCore  to 
add  it  to  Thermo  Electron’s  800  servers. 

Although  Kamens  doesn’t  plan  to  forego  other  secu¬ 
rity  protections,  such  as  anti-virus  software,  he  says 
SecureCore  was  more  effective  than  anti-virus  software 
during  the  Sasser  worm  outbreak. 

Determina’s  software  works  by  blocking  suspicious 


computer  behavior,  and  thus  this  type  of  security  soft¬ 
ware  is  also  called  “behavior-blocking.”  In  his  keynote 
speech  at  the  RSA  Conference  in  February,  Microsoft 
CEO  Bill  Gates  said  he  wants  to  build  behavior-block¬ 
ing  features  into  Microsoft  products. 

Determina  SecureCore  is  sold  with  a  management 
console  for  deploying  the  Determina  SecureCore 
Agents  to  Windows  servers.  The  company  offers 
specific  software  packages  for  Microsoft  SQL  Server, 
Internet  Information  Server  and  Exchange.  The 
management  console,  which  centralizes  logging  and 
event  monitoring,  only  generates  an  alert  if  there  is 
an  attack.  Pricing  for  SecureCore  starts  at  $500  per 
server.  ■ 
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Identity  mgmt.  takes  on  new  shape,  importance 


■  BY  JOHN  FONTANA 

Driven  by  network  security  concerns,  regulatory  leg¬ 
islation  and  cost  savings,  identity  management  is 
climbing  the  corporate  importance  meter. 

The  trend  is  seen  in  end-user  projects,  in  consolidation 
of  vendors  and  product  categories,  and  the  appearance 
of  broad  suites  of  identity  management  software  from 
Computer  Associates,  IBM,  Microsoft,  Novell,  RSA 
Security,  Sun  and  others. 

“The  question  is,  What  kinds  of  risks  will  we  be  taking 
if  we  are  without  identity  management?” says  Ahmed  El- 
Haggan,  CIO  and  professor  of  computer  science  at 
Coppin  State  University  in  Baltimore.“We  are  adding  a 
lot  of  access  that  we  didn’t  offer  before  so  the  question 
becomes,  Can  we  live  without  identity  management  in 
the  future?” 

El-Haggan’s  answer  is  “no,”  and  he  has  started  to 
address  the  issue  by  rolling  out  IdentityMinder  eProvi- 
sion  from  Netegrity,  which  lets  4,000  students  and  even¬ 
tually  4,000  staff  and  alumni  create  and  manage  their 
own  identities  for  email  accounts  and  network  access. 
“We  call  it  on-demand  access,”  El-Haggan  says. 

No  is  the  answer 

“No”  is  also  the  answer  from  many  end  users  who  say 
legislation  such  as  the  Health  Insurance  Portability  and 
Accountability  Act,  Gramm-Leach  Bliley  and  Sarbanes- 
Oxley,  is  tipping  their  hand  with  requirements  for  data 
protection  and  closely  controlled  access. 

“Compliance  is  huge  right  now.  It  is  the  silver  bullet  that 
identity  management  was  looking  for’’ says  Ira  Horowitz, 
director  of  worldwide  marketing  for  Max  Ware,  which 
develops  a  suite  of  identity  management  products. 

Burton  Group  predicts  that  every  organization  will  be 
involved  in  an  identity  management  project  within  the 
next  two  years. 

That  conclusion  points  to  the  fact  that  corporations  no 
longer  can  ignore  the  need  to  manage  a  user’s  identity 
from  creation  to  deletion,  which  ensures  logging  and 
auditing  of  who  is  on  the  network,  and  what  they  are 
doing,  why  and  when. 

Providing  all  that  control,  however,  leads  to  a  complex 
identity  management  infrastructure  that  includes  access 
management,  provisioning,  meta-directory  virtual  direc¬ 
tory  password  management,  single  sign-on  and  directory 
technology. 

That  complexity  is  driving  three  major  trends  in  the 
market  —  development  of  product  suites,  vendor  con¬ 
solidation  and  merging  of  product  categories. 

Recently  Netegrity  and  Sun  snapped  up  provisioning 
vendors  Business  Layers  and  Waveset,  respectively.  In 
the  past  18  months,  HP  bought  identity  vendor 
TruLogica  and  access  management  software  from 
Baltimore  Technologies,  and  IBM  acquired  provisioning 
vendor  Access  360  and  meta-directory  start-up 
MetaMerge. 

Less  ominous 

Conversely,  vendors  also  are  merging  product  cate¬ 
gories  to  make  their  offerings  seem  less  ominous.  Pro¬ 
visioning,  meta-directory  and  password  synchronization 
are  consolidating  into  user  management  software.  Web 


Building  an  identity  infrastructure 

With  more  than  60  vendors  offering  identity 
management  products,  carving  out  an  overall 
identity  strategy  can  be  difficult. 

Challenges 

•  While  major  vendors  are  building  suites,  many  are 
not  integrated  well  enough  today  to  provide  benefits 
of  component  reuse  and  pre-built  integration. 

•  As  with  any  project  that  involves  directories  and 
multiple  identity  repositories,  users  must  ensure 
the  accuracy  of  their  data.  Courion,  MaXware, 
M-Tech  and  Sun  offer  tools  to  help. 

•  Recognize  the  dependencies  between  certain 
products,  such  as  rule-based  access  management, 
which  might  require  meta-directory  or  provisioning 
software. 

Strategies  

•  Keep  a  close  eye  on  the  convergence  of  specific 
technologies  and  purchase  products  that  offer 
functional  versatility. 

•  Push  vendors  to  adopt  emerging  standards  or  move 
their  protocol  work  into  recognized  standards  bodies. 

•  Consider  six  core  areas  when  defining  a  project, 
Burton  Group  says:  account  management,  identity 
synchronization,  permission  management,  access 
management,  single  sign-on  and  credential 
management. 


access  management,  self-service/delegated  administra¬ 
tion  and  audit  technology  are  converging  into  autho¬ 
rization  products. 

Last  week,  Sun  consolidated  its  product  line  from  eight 
separate  offerings  to  three.  Microsoft  has  only  three  foun¬ 
dation  products  in  its  lineup  anchored  by  Active  Direct¬ 
ory  and  relies  on  third-party  software  to  add  layers  of 
control. 

The  trend,  however,  leaves  users  with  less  of  a  choice 
between  best-of-breed  software  and  products  from  one 
vendor. 

Gartner  says  by  next  year,  the  complexity  of  integrat¬ 
ing  the  components  of  identity  and  access  manage¬ 
ment  packages  will  cause  60%  of  corporations  to 
choose  product  suites  that  are  owned  or  licensed  by, 
and  supported  through,  one  vendor. The  research  firm 
says  integration  costs  can  be  from  two  to  six  times  the 
cost  of  the  software  license  fee  for  identity  manage¬ 
ment  products. 

“I  think  it  is  better  to  go  best-of-breed,  but  standardiz¬ 
ing  on  one  vendor  can  provide  a  consistency”  says 
Mike  Ruman.IT  messaging  manager  for  accounting 
firm  Grant  Thornton.  Ruman  says  identity  standards 


such  as  the  Security  Assertion  Markup  Language 
(SAML)  and  the  Extensible  Access  Control  Markup 
Language  (XACML)  will  allow  him  the  best  of  both 
worlds. The  company  is  using  Active  Directory  to  han¬ 
dle  single  sign-on  capabilities  for  applications  that  it 
outsources,  and  is  evaluating  Microsoft  Identity 
Integration  Server  to  ease  synchronization  between 
the  directory  and  user  data  stored  in  human  resources 
databases. 

Adding  further  to  the  complexity  of  identity  manage¬ 
ment  is  the  emerging  federated  identity  trend  that  lets 
corporate  identities  be  used  as  valid  credentials  to 
access  a  partner’s  network. 

The  5th  3rd  Bank  in  Cincinnati  recently  completed  a 
project  using  SAML  that  makes  local  user  identities  valid 
for  sign-on  to  outsourced  human  resources  applications. 

“We  had  to  get  the  ID  from  Point  A  to  Point  B,  and  that 
was  federated  identity?’ says  Bob  West,  chief  information 
security  officer  for  the  bank. 

The  company  used  the  Federated  Identity  Manager 
from  RSA  to  anchor  the  project.  Companies  such  as 
Oblix,  Phaos,  Ping  Identity  and  Trustgenix  offer  similar 
software,  and  the  Liberty  Alliance  and  the  IBM/Microsoft 
duo  are  developing  competing  federated  identity  man¬ 
agement  frameworks,  although  both  support  the  Web 
Services  Security  and  SAML  standards.  West  says  he  has 
factored  federated  identity  into  his  plan  for  an  entire 
identity  management  infrastructure. 

“The  intent  is  to  get  an  identity  layer  that  all  our  appli¬ 
cations  can  plug  into,”  he  says.“We  want  a  consistent 
framework  for  the  Web  and  other  platforms,  for  reducing 
sign-ons  and  automating  access  administration.” 

Web  services  identities 

Creating  such  an  infrastructure,  however,  won’t  include 
only  identifying  users.  With  the  advent  of  Web  services, 
users  are  grappling  with  identities  for  machines  that  talk 
to  each  other. 

“With  Web  services  the  question  is,  How  do  we  man¬ 
age  the  identities  of  applications,  services  and 
devices?”  says  an  IT  architect  for  a  Fortune  100  manu- 
facturer.“How  do  we  establish  an  identity  for  a  service? 
How  does  that  service  prove  its  identity?  And  it  gets 
even  more  complex  as  I  interact  with  things  outside 
my  organization. There  are  no  tools  out  there  for  nam¬ 
ing  those  things.” 

While  the  benefits  of  identity  management  seem 
clearly  defined,  the  myriad  of  issues  inherent  in  identity 
management  means  building  a  comprehensive  infra¬ 
structure  could  take  years. 

“Users  should  be  thinking  strategically  but  acting  tacti¬ 
cally”  says  Mike  Neuenschwander,  an  analyst  with 
Burton.  He  says  emerging  standards  for  things  such  as 
policy,  privacy  auditing,  digital  rights  management  and 
access  control  will  further  change  the  landscape  and 
scope  of  identity  management. 

“Users  should  try  to  put  together  a  two-  to  five-year 
view  of  what  they  want  to  accomplish,”  he  says. 

But  overtime,  Neuenschwander  concludes,  identity 
management  will  spread  throughout  network  infra¬ 
structures  by  being  baked  into  application  platforms, 
network  appliances,  development  tools  and  client 
operating  systems.  ■ 
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NetVanta  1224STR 
The  functionality  of  five 
devices  for  the  price  of  one. 
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Introducing  the  NetVanta  1 224STR  from  ADTRAN. 


Managed,  24-Port 

Layer  2  Switch 

✓ 

IP  Access  Router 

✓ 

Stateful  Inspection  Firewall 

✓ 

DSU/CSU 

✓ 

Gigabit  Ethernet  Uplinks 

✓ 

QoS 

✓ 

VLAN  trunking 

✓ 

Command  Line  Interface  (CLI) 

✓ 

Intuitive  Web  GUI 

✓ 

ADTRAN  OS 

✓ 

Optional  Virtual  Private 
Networking 

✓ 

Optional  Dial  Backup 

✓ 

Optional  PBX  Connectivity 

✓ 

Unlimited  Telephone 

Technical  Support 

✓ 

Free  Firmware  Updates 

✓ 

5-Year  Warranty 

✓ 

Lower  the  cost  of  enterprise  connectivity  with  the  powerful  new 
NetVanta  1224STR.  This  full-function  WAN  /  LAN  access  platform 
does  the  work  of five  devices  for  the  price  of  one.  Suitable  for  networks 
of  any  size,  the  NetVanta  1224STR  offers  everything  you  need  to  bring 
a  branch  office  or  remote  location  online,  including  managed  Layer  2 
Ethernet  switching,  full-featured  IP  routing,  firewall  protection,  VPN, 
and  WAN  termination — all  in  a  compact  1U  chassis.  It  is  QoS,  VLAN, 
and  Gigabit  Ethernet  capable,  and  offers  affordable  dial  backup  and 
voice  options.  ADTRAN’s  new  NetVanta  1000  Series  is  backed  by  a 
100%  satisfaction  guarantee,  including  unlimited  technical  support, 
free  firmware  upgrades,  and  a  5-year  warranty. 


Register  to  win  a  free  NetVanta  1224STR  now! 
www.adtran.com/info/winnetvanta  1 224 


Available  at  a  price  point  well  below  competing 
multi-box  solutions,  the  NetVanta  1224STR 
will  change  the  way  you  connect  remote  locations. 


877.591.3055  Technical  Questions 
877.280.8416  Where  to  Buy 


The  NetVanta  Series 


NetVanta  1000  Series 
Integrated  Switch/Router  Platforms 
Managed  Layer  2  Ethernet  Switches 


NetVanta  2000  Series 
Firewalls/VPN 


NetVanta  3000  Series 
IP  Routers 


The  Network  Access  Company 


AdIrIi 


Copyright©2004  ADTRAN,  Inc.  All  rights  reserved.  ADTRAN  and  NetVanta  are  registered  trademarks  of  ADTRAN,  Inc. 
Five-year  warranty  applies  in  North  America  and  Europe.  EN70B060704NW 


Blocks  Everyth 


The  high-performance  PRO  Series -Sonic WALL'S  answer  to  your  network's 
most  intrusive  Internet  security  threats. 

Think  you're  protected  from  the  persistent  invasion  of  application  exploits,  worms,  and  malicious  traffic?  Think  again. 


The  PRO  4060  and  PRO  5060  from  SonicWALL®  provide  the  most  comprehensive  intrusion  prevention  solution  at  an  affordable  price, 
boasting  exceptional  performance  even  while  running  other  security,  mobility,  and  productivity  services. The  SonicWALL  - 
high-performance  PRO  Series  offers  unmatched  protection  from  application  worms,  blended  threats,  and  exploits,  including  those 
propagated  through  instant  messaging  and  peer-to-peer  applications.These  powerful  integrated  security  appliances  include  Deep 
Packet  Inspection  with  over  1 700  signatures  in  a  dynamically  updated  database.Tenacious  attacks  on  your  network  are  inevitable, 
but  with  IPS,  content  filtering,  gateway-enforced  anti-virus,  and  IPSec  VPN,  the  SonicWALL  PROs  relentlessly  combat  threats  and 
uncompromisingly  boost  your  business  productivity. 


The  SonicWALL  high-performance  PRO  Series.  Not  just  detection. ..prevention.  Get  to  work. 

To  learn  more  about  SonicWALL's  high-performance  PRO  Series  products  with  IPS — 
the  mandatory  element  of  network  security — contact  one  of  the  resellers  below  or  visit 

www.sonicwall.com/home/reseller.asp  to  find  a  SonicWALL  reseller  near  you. 

coNjuNGi$j|  Services  integrators 

NETWORKS  VTO  4hmd  Your  01  Sourer  for  Network  Solutions  — 


PRO  5060  and  PRO  4060 


Conjungi  Networks  E2  Services  SysIntegrators.LLC 

(866)818-9111  (866)  527-7100  (718)  545-5055 

www.conjungi.com www.e2-services.com www.sysintegrators.com 
WEST  CENTRAL  EAST 

©2004  SonicWALL,  Inc.  SonicWALL  is  a  registered  trademark  of  SonicWALL,  Inc.  F085v1-SW.0132 


SONICWALL 


Reading  someone  else’s  copy  of 

NetworkWorid 


, 


NetworkWorid 


Microsoft  users 


Apply  for  your  own  FREE 
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WiMax  starting  to  make 

Broadband  wireless  could  offer  alternative  to  DSL,  cable  modem 


its  move 

services. 

Other  options 

WiMax  has  several  competitors  in  the  emerging  wireless  broadband 
space.  Here  are  some  of  the  significant  competitors: 


Technology 

What  it  is 

Speed 

Range 

Upside 

Downside 

Mobile-Fi 

Mobile  system 
based  on 
emerging  IEEE 
802.20  standard 

1M  bit/sec 
upstream, 

500K  bit/sec 
downstream 

Up  to  12 
miles 

Mobility, 
low  latency 

Standard 

furtherfrom 

completion 

TD-CDMA 
(Time  Division- 
Code  Division 
Multiple 
Access) 

Originally 
designed  for 
overflow  traffic 
from  Wideband 
CDMA 

512K  to  2M  bit / 
sec  typical 

Up  to  18 
miles 

ITU-approved, 

familiarto 

carriers 

Few  data, 
cell  gear 
vendors  have 
embraced  it 

Wi-Fi 

IEEE  802.11 
network  with 
high-gain 
antennas 

Up  to  54Mbit  /sec 

Up  to  7 
miles 

Familiar 

technology, 

low-cost 

client 

Requires  line 
of  sight 

Axiowave  touts  debut  router 
as  key  to  turning  IP  profits 


■  BY  STEPHEN  LAWSON 

With  phones  and  LANs  steadily  going 
wireless  and  consumer  electronics  not  far 
behind, one  part  of  the  networked  world  — 
broadband  to  the  home  or  business  —  has 
stubbornly  remained  wired  in  most  cases. 

Cost,  complexity  and  proprietary  systems 
have  held  back  wireless  broadband  ser¬ 
vices  that  would  compete  against  DSL, 


■  Equant  announced  recently  that  it 
is  polishing  up  its  VoIP  services.  The 
carrier’s  Voice  for  IP  VPN  service  also 
is  available  in  17  additional  countries 
—  93  total  —  and  will  support  multiple 
vendor  products  by  year-end.  Equant 
says  it  will  support  VoIP  customer 
premises  gear  from  Avaya  and  Nortel, 
whereas  today  users  are  limited  to 
using  Cisco  gear.  The  carrier  also 
says  it  has  reduced  its  per-minute  off- 
net  service  rates  by  30%  to  50%.  For 
example,  the  per-minute  off-net  rate  in 
the  U.S.  is  now  2.9  cents  per  minute, 
which  the  carrier  says  is  competitive 
with  traditional  long-distance  service 
providers. 

■  BellSouth  last  week  enhanced  its 

Ethernet  transport  services  for 

business  customers.  Enhancements 
to  BellSouth's  Metro  Ethernet  Service 
include  support  for  business  continu¬ 
ity,  data  and  storage  center  connec¬ 
tivity,  sharing  of  medical  and  technical 
imaging,  and  video  and  VoIP.  The  en¬ 
hancements,  known  as  Premium 
Service  options,  are  initially  available 
in  Atlanta;  Miami;  New  Orleans;  Jack¬ 
sonville,  Fla.;  and  Raleigh,  N.C.,  with 
deployments  to  take  place  in  addi¬ 
tional  metropolitan  areas  throughout 
2004.  Premium  Service  options  include 
committed  bandwidth  speeds,  burst¬ 
ing  capabilities  above  the  committed 
speeds,  traffic  prioritization  and 
virtual  LAN  aggregation,  along  with 
service-level  agreements  and  network 
management  services. 


cable  modem  and  leased  lines.  But  WiMax, 
an  emerging  standards-based  set  of  tech¬ 
nologies,  could  unify  the  fragmented 
industry  and  bring  down  prices,  according 
to  vendors  and  analysts. 

For  customers,  wireless  can  mean  fast 
and  easy  setup,  lower  cost  than  some  ser¬ 
vices,  and  broadband  Internet  access  in 
places  DSL  has  trouble  reaching. 

“I  called  them  on  a  Friday  and  it  was 
installed  on  Tuesday?’ says  Tamara  Indianer, 
manager  of  a  Waltham,  Mass.,  branch  of 
Lincoln  investment  Planning.  The  branch 
had  trouble  getting  synchronous  DSL 
(SDSL)  service  after  a  move. 

One  carrier  said  it  couldn’t  reach  that  site 
and  another  estimated  two  to  three  weeks 
for  installation,  Indianer  says.  She  turned  to 
TowerStream,  which  uses  pre-standard 
WiMax  gear  from  Aperto  Networks.  For 
$500  per  month, a  bit  more  than  the  cost  of 
the  SDSL  service  but  much  less  than  a  T-l 
rate,  the  branch  got  1M  bit/sec  in  each 
direction,  she  says. 

TowerStream  is  looking  forward  to  stan¬ 
dardized  WiMax  gear  and  lower  prices  on 
customer  premises  equipment  (CPE)  that 
should  result  from  interoperability. Vendors 
and  service  providers  hope  a  standard  will 
cut  development  costs  and  let  many  ven¬ 
dors  compete,  with  more  choice  all 
around.  The  WiMax  Forum,  an  industry 
group  working  to  promote  802.16  adop¬ 
tion,  plans  to  begin  certifying  interoperable 
products  by  year-end. 

It’s  the  same  idea  that’s  driven  Wi-Fi’s 
popularity,  and  Intel  has  invoked  that 
wireless  LAN  phenomenon  in  predicting 
a  rapid  ramp-up  for  WiMax.  What  Wi-Fi  did 
for  the  LAN,  the  longer-range  WiMax 
could  do  for  metropolitan  areas  and  last- 
mile  access.  It  initially  will  use  the  IEEE 
802. 16d  specification  and  support  con¬ 
nections  to  fixed  locations  at  typical 
speeds  from  300K  to  2M  bit/sec,  over  a 
range  of  as  much  as  30  miles.  A  later  ver¬ 
sion,  based  on  the  802. 16e  standard, 
which  might  be  finished  in  about  a  year, 
is  being  designed  to  support  mobility. 

But  some  analysts  and  industry  partici¬ 
pants  say  the  outlook  is  more  complicated 
than  with  Wi-Fi.  In  addition  to  daunting 
competition  from  other  technologies, 
WiMax  faces  questions  about  how  it  will 
use  the  airwaves  in  the  U.S.  and  abroad. 
Product  volume,  the  key  to  hoped-for  pro¬ 
liferation, will  depend  in  part  on  how  those 
See  WiMax,  page  38 


■  BY  JIM  DUFFY 

Axiowave  Networks, a  4-year-old,  privately 
held  maker  of  core  routers,  last  week 
unveiled  its  first  product. 

The  XCR128  is  designed  to  bring  TDM- 
grade  service  levels  to  IP  networking  and 
service  convergence.  The  product  is  in¬ 
tended  to  address  gaps  in  the  IP  service 
business  model  that  keep  service  providers 
from  making  money  from  IP  according  to 
Axiowave. 

Axiowave  is  entering  an  increasingly 
crowded  field. Cisco  and  Juniper  dominate 
the  core  router  market  with  more  than  90% 
share  between  them.  Avici  Systems  is  a  dis¬ 
tant  third  with  less  than  5%  share.  Alcatel 
and  a  number  of  other  start-ups,  including 
Caspian  and  Procket  Networks, account  for 
the  remainder. 

Axiowave,  however,  believes  its  business 
proposition — ATM-like  service-level  agree 
ments  (SLA)  for  IP  —  will  set  it  apart.  Even 
though  service  providers  have  experi¬ 
enced  traffic  increases  of  50%  to  100%  per 
year,  prices  have  declined  up  to  27%  during 
the  same  time  because  of  a  lack  of  service 
differentiation  and  increased  competition. 


Axiowave  says. 

In  addition,  small  amounts  of  premium 
services  such  as  VoIP  and  interactive/ 
broadcast  video  mixed  with  IP  best-effort 
traffic  continue  to  force  service  providers 
to  unnecessarily  build  out  and  over-engi¬ 
neer  their  networks,  the  company  says. 

The  XCR128  is  intended  to  reverse  this 
imbalance.  The  router  is  designed  to 
deliver  more  than  90%  sustained  wave¬ 
length  utilization,  and  almost  all  the  traf¬ 
fic  can  be  premium  services  on  the  same 
egress  link  as  oversubscribed  data  traffic, 
Axiowave  says. 

The  result,  according  to  Axiowave,  is  the 
ability  for  service  providers  to  offer 
and  guarantee  ATM-grade  SLA  for  IP  at 
premium  prices. 

The  main  switching  shelf  for  the  XCR128 
is  a  half-rack  chassis  with  20  slots  for  line 
cards,  system  controller  and  bandwidth 
management  processors.  System  con¬ 
troller  and  bandwidth  management  pro¬ 
cessors  can  be  deployed  in  a  1-to-l  redun¬ 
dant  configuration. 

Five  more  slots  are  reserved  for  switch 
fabric  cards  in  a  4-to-l  redundm  i 

See  Axiowave,  p  v  le 
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EYE  ON  THE 
GARRIERS 

Johna  Till 
Johnson 


Was  the  Internet  really  designed  to 
withstand  nuclear  war?  In  an  earlier 
column,  1  characterized  that  des¬ 
cription  as  an  “urban  legend.” 

A  reader  wrote  in  to  disagree,  noting  that 
the  Internet  was  funded  by  the  Defense 
Advanced  Research  Projects  Agency 
(DARPA)  with  the  explicit  goal  of  resis¬ 
tance  to  nuclear  war.  For  validation,  he 
urges  folks  to  investigate  the  writings  of 
some  of  the  pre-eminent  Internet  devel¬ 
opers  of  the  time,  particularly  Paul  Baran. 
(A  great  short  history  of  the  Internet  can 
be  found  at  www.nwfusion.com,  Doc 
Finder:  2327.) 

Who’s  right?  Does  it  really  matter?  In  my 
book,  it  matters  a  lot  because  understand¬ 


'Net  was  born  of  economic  necessity,  not  fear 


ing  the  process  that  leads  to  world-chang¬ 
ing  innovation  is  the  only  way  to  foster  it. 
If  we  can’t  agree  on  how  the  Internet  was 
created,  how  can  we  hope  to  do  some¬ 
thing  like  it  again? 

So  did  the  government  deliberately  set 
out  to  create  a  nuclear-war-resistant  net¬ 
work?  Evidence  suggests  otherwise.  It’s 
certainly  true  that  while  at  the  RAND 
Corporation,  Baran  was  actively  engaged 
in  the  design  of  resilient  communications 
systems  intended  to  survive  nuclear  war. 
He  was  also  one  of  the  early  proponents 
of  a  distributed  architecture,  and  one  of 
the  co-inventors  of  packet  technology  — 
both  of  which  are  critical  elements  of  the 
Internet’s  design. 

But  the  actual  architecture  and  creation 
of  the  ’Net  was  handled  not  by  Baran,  but 
by  a  team  of  researchers  headed  by  Larry 
Roberts.  Their  goal  was  more  modest:  to 
effectively  share  computing  resources 
among  multiple  organizations  (including 
universities  and  government  contractors). 


Roberts  &  Co.  considered,  but  ultimately 
rejected,  a  centralized  design  for  traffic 
management  —  not  out  of  resilience  con¬ 
cerns,  but  because  nobody  was  willing  to 
dedicate  scarce  and  expensive  comput¬ 
ing  resources  to  the  problem  of  centrally 
managing  and  controlling  traffic.  Com¬ 
puter  owners  were,  however,  willing  to 
spare  a  small  fraction  of  their  computa¬ 
tional  resources  to  route  traffic  in  a  dis¬ 
tributed  fashion  —  so  Roberts  opted  to  go 
with  a  Baran-like  distributed  design. 

It’s  also  true  that  original  funding  for 
the  Internet  came  from  DARPA  and  later 
still  the  National  Science  Foundation  — 
all  of  which  heavily  funded  Cold  War  ini¬ 
tiatives.  Back  in  the  1960s,  most  govern¬ 
ment-sponsored  scientific  funding  was 
defense-related.  Nothing  new  there  —  in 
the  1980s,  1  worked  on  a  nuclear  engi¬ 
neering  project  that  was  funded  by 
President  Reagan’s  Star  Wars  initiative. 
But  the  source  of  the  funding  implies 
nothing  whatsoever  about  the  goal  of 


the  project  (my  project  had  nothing  to 
do  with  Star  Wars,  though  we  happily 
cashed  the  checks). 

The  bottom  line  is  that  while  Cold  War 
concerns  definitely  influenced  the  Inter¬ 
net’s  design,  the  shape  of  the  ’Net  is  more 
a  testament  to  economics  than  ideology. 
Most  importantly,  the  design  reflects  not  a 
top-down  government-driven  solution  to  a 
specific  problem  (resilient  communica¬ 
tions)  but  a  bottom-up,  government-sup¬ 
ported  solution  to  a  more  general  prob¬ 
lem:  how  to  enable  effective  and  econom¬ 
ical  sharing  of  computational  resources. 

The  best  part  is  another  such  burst  of 
innovation  is  under  way  once  more,  with 
the  same  bottom-up,  government-sup- 
ported,  pragmatic  approach.  This  time  it’s 
called  grid  computing.  Stay  tuned. 

Johnson  is  president  and  chief  research 
officer  at  Nemertes  Research,  an  indepen¬ 
dent  technology  research  firm.  She  can  be 
reached  at  johna@nemertes.com. 


WiMax 
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questions  are  addressed. 

Intel  and  others  have  high  hopes.  By  the 
third  quarter  of  next  year,  CPE  for  a  WiMax 
service  to  an  office  or  home  will  cost  less 
than  $500,  predicts  Kevin  Suitor,  vice  presi¬ 
dent  of  business  development  at  Redline 
Communications,  a  maker  of  802.16-based 
equipment.  By  2007,  it  will  cost  less  than 
$200,  he  says.  Beyond  that,  with  mobility 
CPE  will  be  able  to  ship  in  the  form  of 
internal  components  in  notebook  PCs  at 
an  estimated  price  of  $50  to  $100,  Suitor 
adds.  However,  some  observers  and  indus¬ 
try  participants  don’t  expect  a  repeat  of  the 
Wi-Fi  cycle. 

“The  scale  is  not  necessarily  the  same 
kind  of  scale  that  you  have  with  the  Wi-Fi 
chips,”  says  Tad  Neeley  an  analyst  at  RHK. 
“The  cost  curve  I  look  at  with  this  is  far 
more  what  DSL  modems  and  cable 
modems  did.  I  don’t  think  it’s  going  to  be 
the  Wi-Fi  cost  curve.” 

Unlike  Wi-Fi,  which  has  been  deployed 
using  primarily  one  band  of  spectrum  (2.4 
GHz)  that  is  unlicensed  nearly  everywhere, 
WiMax  is  based  on  standards  that  allow  for 
any  frequency  band  between  2  GHz  and  1 1 
GHz.  The  WiMax  Forum  is  narrowing  that 
by  developing  profiles  for  specific  spec¬ 
trum  bands,  says  Francois  Draper,  vice  pres¬ 
ident  of  sales  and  marketing  at  WiMax  chip 
developer  Wavesat  and  chairman  of  mem¬ 
berships  at  the  WiMax  Forum. 

Although  the  first  profiles  aren’t  expect¬ 
ed  until  September,  the  group  is  lining  up 
around  three  bands:  one  around  5.8  GHz, 
which  is  unlicensed  in  many  countries;  a 
second  around  3.5  GHz,  unavailable  in 
North  America  but  licensed  in  other  re¬ 
gions;  and  a  third  around  2.5  GHz, 
licensed  in  the  U.S.  and  much  of  the 
Americas. 

The  WiMax  Forum  last  week  was  set  to 


announce  a  regulatory  working  group  to 
promote  global  harmonization  of  the  man¬ 
agement  of  those  bands.  It  also  will  work 
for  the  allocation  of  spectrum  in  lower 
bands  such  as  those  the  FCC  is  considering 
for  reallocation  from  TV  stations. 

Conformance  among  governments  on 
spectrum  issues  is  complicated,  bringing 
into  account  formats  —  how  capacity  is 
divided  up  among  subscribers  —  as  well  as 
the  spectrum  itself,  says  Nitin  Shah,  an  ana¬ 
lyst  at  RHK.“The  diversity  of  spectrum  and 
formats  does  limit  or  impede  the  rate  of 
adoption  of  WiMax,”  Shah  says. 

Licensed  frequencies  are  critical  for  car¬ 
riers  to  offer  business-class  WiMax  services, 
according  to  vendors  and  industry  ana¬ 
lysts.  That  further  complicates  the  picture 
with  bureaucracy  politics  and  frequency 
allocation, Shah  says. 


Axiowave 

continued  from  page  37 

configuration. 

An  optional  I/O  shelf  features  12  slots  for 
line  cards  and  two  slots  for  1-to-l  redundant 
fabric  cards.  The  system  supports  32  OC- 
192c  and  10G  Ethernet,  128  OC-48c,  320 
Gigabit  Ethernet  and  256  OC-12c  interfaces. 

The  XCR128  system  is  deployed  at 
PowerNet  Global  (PNG),  a  wholesale  and 
retail  carrier  in  Cincinnati.  PNG,  which  has 
points  of  presence  nationwide,  offers  voice, 
Internet  access,  IP  transit  and  peering  and 
other  data  services  to  businesses,  resi¬ 
dences  and  service  providers. 

PNG  replaced  about  10  routers  from  its 
incumbent  supplier  with  an  equal  number 
of  Axiowave  XCR128s  to  support  toll-qual¬ 
ity VoIRATM-  and  frame-relay-grade  IPVPNs, 
and  ATM-grade  wholesale  IP  peering  and 
transit  services  while  simultaneously  sup¬ 
porting  best  effort  traffic  over  one  network. 

“We  needed  a  differentiator  for  our- 


Intel  says  it  can  do  the  integration  needed 
to  propel  the  market  forward.  It  will  follow 
the  WiMax  Forum’s  lead  on  frequencies  for 
fixed  and  mobile  WiMax  equipment,  says 
Joe  English,  director  of  marketing  for  Wi¬ 
Max  at  Intel.  Intel  expects  to  integrate 
WiMax  in  its  Centrino  wireless  chip  set 
along  with  Wi-Fi  beginning  in  late  2006, 
with  a  wide  rollout  in  2007.  The  company 
envisions  one  Centrino  chip  set  that  sup¬ 
ports  all  the  frequencies  used  for  WiMax 
worldwide  and  can  be  produced  in  vol¬ 
umes  large  enough  to  keep  prices  down, 
English  says. 

Some  service  providers  are  anxious  for 
those  economies  to  come  into  play.  Covad 
Communications  sees  wireless  as  a  tool 
for  reaching  customers  it  can’t  get  to  with 
DSL  for  regulatory  or  other  reasons,  says 
Ron  Marquardt,  technical  director.  The 


company  would  prefer  to  use  WiMax 
because  of  the  expected  benefits  of  stan¬ 
dardization,  but  it’s  not  committed  yet, 
he  says. 

Neotec, a  consortium  of  mobile  operators 
in  Brazil,  wants  to  offer  wireless  broadband 
for  about  $20  per  month  and  says  it  thinks 
it  can  do  that  by  not  laying  wires.  It  has 
tested  a  proprietary  system  that  uses 
licensed  spectrum  around  2.5  GHz  and  is 
looking  to  WiMax  for  the  price-cutting 
power  of  standardization. 

In  the  end,  market  momentum  might 
shape  regulation,  Wavesat’s  Draper  says. 

”If  the  industry  wields  its  baseball  bat, 
they  may  make  the  governments  move 
faster,”  he  says. 

Lawson  is  a  correspondent  with  the  IDG 
News  Service  s  San  Francisco  bureau. 


Catch  the  Axiowave 

Features  of  the  newest  big 
router  include: 


1.2T-byte 

switching  capacity. 

32  slots  for  line  cards. 

Full-rack  footprint. 

TDM-grade 

IPSLAs. 


selves,”  says  PNG  CEO  Bernie  Stevens. “The 
typical  IP  market  is  commodity  and  best 
effort.  [With  the  XCR128]  we  could  give 
SLAs  on  IP  that  were  unheard  of.” 

Axiowave  will  need  all  that  endorsement 
and  more  as  it  enters  a  core  router  market 


that  has  just  seen  a  substantial  product  an¬ 
nouncement  from  Cisco  and  is  expecting 

_  another  significant  upgrade  soon 

from  Juniper.  Cisco  two  weeks  ago 
unleashed  the  92T  bit/sec  CRS-1 
system, and  Juniper  is  expected  to 
announce  deployments  of  its  TX 
multiterabit  router  switch  fabric 
later  this  year. 

The  TX  is  designed  to  intercon¬ 
nect  multiple  Juniper  T640  core 
’  routers,  which  have  been  on  the 
market  for  two  years  and  are  in  part 
responsible  for  Juniper’s  10%  market  share 
gain  vs.  Cisco’s  9%  loss  in  that  time. 

Axiowave  will  have  to  land  a  strong,  well- 
established  distribution  partner  to  make  a 
dent  in  the  market.  Company  President, 
CEO  and  founder  Mukesh  Chatter  says 
Axiowave  has  just  started  discussion  with 
some  vendors  around  OEM  partnerships. 

Axiowave  has  raised  more  than  $120 
million  since  its  founding  in  2000.  The 
company  has  not  disclosed  pricing.  ■ 
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We  put  a  single  platform,  mobile  apps 
and  security  in  your  hands.  Now  you  can 
put  the  enterprise  in  theirs. 


Now  the  BlackBerry ‘  Enterprise  Solution  allows  your  business 
applications  to  be  accessed  virtually  anywhere*  Whether  it's  email, 
ERP,  CRM  or  document  management  systems,  our  solution  is  built 
on  an  open,  secure  platform  that  can  wirelessly  extend  your  existing 
applications  so  you  won't  have  to  rebuild  or  replace  them.  Best 
of  all,  the  BlackBerry  Enterprise  Solution  is  a  proven  platform, 
deployed  by  tens  of  thousands  of  organizations  around  the  world, 
which  means  wireless  access  to  data  can  be  managed  by  your  IT 
staff  with  more  confidence. 


©2004  Research  In  Motion  Limited  (RIM)  All  rights  reserved  BlackBerry  is  an  end-to-end  wireless  solution  developed  by 
RIM.  RIM,  BlackBerry.  the  Blackberry  logo  and  the  “envelope  in  motion”  symbol  are  trademarks  or  registered  trademarks 
of  RIM  ’Requires  Black  Berry  L  terprise  Server  software  Prior  to  subscribing  to  or  implementing  any  third  party  products 
or  services,  it  is  your  responsibility  to  ensure  that  the  airtime  service  provider  you  are  working  with  has  agreed  to  support 
all  of  the  features  of  the  third  party  products  and  services  and  that  you  obtain  the  necessary  licenses  RIM  makes  no 
representation,  warranty  or  guarantee  whatsoever  in  relation  to  the  third  party  products  and  services  and  RIM  assumes  no 
liability  whatsoever  in  relation  to  the  third  party  products  and  services  even  if  RIM  has  been  advised  of  the  possibility  of 
such  damages  or  can  anticipate  such  damages 


The  BlackBerry  Enterprise  Solution  Difference 

•  Provides  advanced  security  including  triple  DES 
encryption,  handheld  password  protection, 
wireless  IT  security  commands  and  policies 

•  Includes  server  software,  wireless  handhelds, 
wireless  service  and  support  programs 

•  Provides  flexible  application  deployment  - 
build  in-house  or  with  help  from  an  independent 
software  vendor 

•  Delivers  centralized  manageability  and 
.simplified  implementation 
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You'll  get  nothing.  And  like  it 


No  spam.  No  email  fraud.  Nothing  but  the  messages  you  want. 


MailFrontier 

Email  is  good  again." 


www.mailfrontier.com  ©  2004  MailFrontier 
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FOR  TYING  TELEWORKERS  TO  THE  ENTERPRISE 


■  Iomega  recently  announced  two 
network-attached  storage  servers. 
Geared  to  small  and  remote  offices 
and  department  workgroups,  the  NAS 
200d  Series  is  based  on  Microsoft 
Storage  Server  2003  and  works  with 
heterogeneous  client  computers  and 
network  file  protocols. 

The  products  employ  Serial  ATA 
hard  disks  and  RAID  1  or  5,  and 
include  four  USB  2.0  ports,  one  Ultra 
SCSI  320  port,  and  Iomega  Automatic 
Backup  Software  and  Computer 
Associates  eTrust  Anti-Virus  Soft¬ 
ware.  Available  this  month,  the  2406- 
byte  version  costs  $1,200;  the  3606- 
byte  version  $1,800. 

■  The  government's  Office  of 
Personnel  Management  and 
General  Services 
Administration  recently  launched 
two  new  free  training  courses  for 
federal  employees  only.  Telework 
101  for  Employees  offers  a  basic 
introduction,  which  helps  employees 
determine  whether  telework  is  a  good 
fit.  Telework  101  for  Managers 
helps  managers  develop  and  struc¬ 
ture  a  program,  select  employees  and 
avoid  common  problems. 

Register  at  www.goLearn.gov. 


Fighting  for  fair  telework  tax 

New  York  state’s  practice  spurs  draft  federal  legislation. 


■  BY  TONI  KISTNER 

What  began  as  a  tax  squabble  between 
New  York  and  neighboring  states  today 
threatens  to  deter  telework  across  the 
country  and  compromise  key  aspects 
of  the  Bush  administration’s  national 
agenda.  At  issue  are  conflicting  states 


means  New  York  gives  a  credit  only  when 
the  employee  worked  out  of  state  because 
of  the  employer’s  necessity 
But  what  constitutes  necessity? 

“Very,  very  little,”  says  Nicole  Belson 
Goluboff,  an  attorney  specializing  in 
telework  and  author  of  The  Law  of 
Telecommuting. 


fers  of  New  York,”  Goluboff  says. “The  rule 
also  imposes  onerous  payroll  obligations 
on  employers.  There  are  withholding 
requirements  in  multiple  states  when 
you’re  multiple-taxed.” 

Several  cases  challenging  New  York’s  reg¬ 
ulation  are  working  their  way  through  the 
courts.  Most  notable  is  that  of  Cardozo  Law 


Telework  tax  timeline 


New  York  state’s  history  of  double  taxing  non-resident  teleworkers  could  soon  end  with  federal  legislation. 


September,  2001 

The  North  Eastern  StateTax  Officials 
Association's  IncomeTax  Working  Group 
recommends  member  states  adopt  a  physical 
presence  method  for  allocating  income  of  non¬ 
resident  employees  based  on  where  the  work 
was  performed.  New  York,  New  Jersey  and 
Pennsylvania  refuse,  choosing  to  follow  the 
"convenience  of  employer”  rule  instead. 


Nov.  24,  2003  - 

The  N.Y.  Court  of  Appeals  rejects 
Edward  Zelinksky's  constitutional 
challenges  to  the  "convenience  of 
employer”  rule.The  Cardozo  Law 
School  professor  teaches  in  New 
York  and  telecommutes  from  his 
Connecticut  home  two  days  a  week. 


Zelinksky 


Junel 

To  gain  awareness  and  support  for 
federal  legislation  prohibiting  double 
taxation, TheTelework  Coalition, 
www.telcoa.org,  posts  a  letter  for 
visitors  to  download  and  send  to 
their  congressmen. 


i  i  i  i  i  i  i  i  i  i  i  i  i  i  i  i  i  i  i  ~n — r~r  r  i  i  i  i  i  i  i  i  i  i  i  i  i  i  i  i  i  ~t  r  i  i  t  ~i  i — i 

1 2001 

12002 

1 2003 

12004  t 

I  April  26 

The  U.S.  Supreme  Court  denies  a 
review  of  the  N.Y.  Court  of  Appeals’ 
decision  in  the  Zelinsky  case, 
sanctioning  other  states  to  apply  the 
"convenience  of  employer”  rule. 


April  27 

Federal  legislation  is  drafted 
prohibiting  a  state  from  taxing 
employees  on  income  earned  while 
working  in  another  state.  Sources 
say  it's  close  to  gaining  a  sponsor 
and  should  be  introduced  in  the 
coming  months. 


April  29 

The  New  York  Appellate  Division  (a  lower 
appellate  court  than  the  Court  of  Appeals) 
upholds  the  “convenience  of  employer” 
rule  in  the  case  of  Huckaby  v.  N.Y.  State 
Division  of  Tax  Appeals.  Huckaby  lives 
in  Tennessee  and  spends  only  25%  of  his 
time  working  in  New  York. 


■  Small  businesses  present  a  lucra¬ 
tive  market  for  cable  companies  that 
offer  bundled  data  and  voice  ser¬ 
vices,  according  to  a  new  report  from 
The  Insight  Research  Corporation, 
“Cable  Telephony  in  Small 
Business:  The  Competitive 
Threat  to  ILECs  2004-2009.”  Small 
businesses  will  purchase  bundled 
voice  and  data  services  at  three  to 
four  times  the  price  of  residential 
bundles  of  voice,  data  and  basic  TV 
services. 

Phone  services,  including  IP  tele¬ 
phony  for  small  businesses,  will  gen¬ 
erate  $342  million  for  cable  compa¬ 
nies  this  year,  and  when  voice  service 
is  added,  cable  operators  could  make 
almost  $2.5  billion  by  year-end,  the 
report  predicts. 

The  111-page  report  costs  $3,995 
and  is  available  at  www.nwf  usion. 
com,  DocFinder:  2328. 


rules  governing  how  teleworkers  pay 
personal  income  tax. 

In  most  cases,  when  teleworkers  reside  in 
a  different  state  from  their  employer,  they 
split  the  taxes  paid  on  their  personal 
income  between  their  employers  state  and 
their  home  state,  given  that  they  work  part 
time  at  the  employer’s  office  and  part  time 
at  home.  If  they  work  60%  of  the  time  at 
company  headquarters  and  40%  in  a 
home  office,  they  are  expected  to  pay  tax 
on  60%  of  their  income  to  the  employer’s 
state,  and  40%  to  the  home  state. 

However,  New  York  state  tax  law  also 
requires  employees  of  New  York  state- 
based  companies  to  pay  tax  on  100%  of 
income  earned  to  New  York,  regardless  of 
where  they  perform  the  work.  New  York 
will  give  non-resident  teleworkers  a  tax 
credit  for  the  time  they  spend  working  in 
their  home  state,  but  only  —  and  this  is  the 
issue  —  when  the  teleworking  is  done  for 
the  “convenience  of  the  employer”  This 


New  York  state  says  that  unless  the  nature 
of  your  work  is  such  that  it  couldn’t  be 
done  in  a  New  York  office,  then  you  must 
pay  tax  on  100%  of  your  income  to  New 
York  state.  But  you  must  also  pay  tax  on  the 
portion  of  the  income  you  earned  tele¬ 
working  to  your  home  state.  Even  if  the 
New  York  employer  eliminates  your  office 
space,  even  if  you’re  a  salesperson  always 
on  the  road,  if  the  work  possibly  could  be 
done  in  New  York,  the  state  makes  you  pay 
tax  to  New  York. 

Another  problem  is  that  New  York  state 
defines  part-time  teleworker  broadly.  In 
many  instances,  employees  who  relocate 
to  far-off  states  and  visit  the  company 
office  only  once  or  twice  a  year  will 
receive  a  bill  from  New  York  state  for  the 
full  year’s  income  tax. 

“You  must  allocate  days  everyone 
agrees  you  worked  outside  New  York  as 
days  you  worked  inside  New  York.  It’s  a 
fiction  that’s  designed  to  enrich  the  cof¬ 


School  Professor  Edward  Zelinsky  who  typ¬ 
ically  teaches  in  New  York  three  days  a 
week  and  works  from  his  Connecticut 
home  for  two.  Zelinsky  argued  the  regula¬ 
tion  is  unconstitutional  because  it  allowed 
a  condition  whereby  he  could  be  double 
taxed  on  his  income.  However,  the  U.S. 
Supreme  Court  recently  refused  to  hear  the 
case, putting  an  end  to  Zelinsky’s  legal  fight. 

“New  York’s  been  applying  this  rule 
aggressively  for  some  time.  It’s  been  widely 
condemned  by  scholars  and  practitioners. 
The  Supreme  Court’s  refusal  to  take  the 
Zelinsky  case  sanctions  other  states  that 
aren’t  currently  applying  this  rule  to  start 
doing  so,”  Goluboff  says. 

In  rejecting  Zelinsky’s  challenge,  the  New 
York  State  Court  of  Appeals  argued  that 
New  York  provides  “a  host  of  tangible  and 
intangible  protections,  benefits  and  values 
to  the  taxpayer  and  his  employer  including 
police,  fire,  and  emergency  health  services, 
See  Taxation,  page  44 


Meet  the  IBM  eServer™  i5  system  —  designed  to  simplify  your  infrastructure.  It’s  the  first  IBM  server  with  POWERS™ 
technology.  And  the  latest  member  of  the  IBM  eServer  iSeries™  family.  What’s  more,  it  can  simultaneously  run  four 
operating  systems,  dynamically  allocating  resources  needed  for  each  application  and  operating  system!  On  demand. 
iSeries  technology  can  also  help  reduce  the  number  of  servers  you  manage  by  as  much  as  85%.  We  invite  you  to 
learn  more  about  how  to  make  your  business  more  efficient.  Just  visit  ibm.com/eserver/consolidate 


5  reasons  why  IBM  eServer  i5  systems  with  Power  Architecture ™  technology  can  simplify  your  infrastructure. 


Runs  four  operating 

Advanced  virtualization 

Capacity  on  demand. 

POWER5  processor- 
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The  IBM  eServer  i5  system. 
Consolidate.  Integrate.  Celebrate. 


'IXA  or  IXS  required  to  run  Windows.  Customers  must  license  O/Ss  separately.  IBM,  the  e-business  logo,  eServer,  the  eServer  logo,  iSeries,  Power  Architecture  and  P0WER5  are  trademarks 
or  registered  trademarks  of  International  Business  Machines  Corporation  in  the  United  States  and/or  other  countries.  Windows  is  a  trademark  of  Microsoft  Corporation  in  the  United  States, 
other  countries,  or  both.  Other  company,  product  and  service  names  may  be  trademarks  or  service  marks  of  others.  ©2004  IBM  Corporation.  All  rights  reserved. 
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0PM  report  links  telework  to  emergency  readiness 


Anew  survey  indicates  the  U.S. Office 
of  Personnel  Management  is  tighten¬ 
ing  the  noose  on  the  federal  govern¬ 
ment’s  mid-level  managers  adverse  to 
telework. 

For  one,  OPM  has  figured  out  how  to 
accurately  measure  telework  participation 
of  federal  employees:  First  you  have  to 
determine  how  many  employees  in  each 
agency  are  eligible  to  telework,  then  count 
how  many  actually  are  teleworking. 

Sound  simple?  It’s  not.  In  years  past, 
many  agency  managers  ducked  telework 
compliance  by  reporting  very  low  num¬ 
bers  of  eligible  employees.  But  this  year’s 
annual  report  on  the  state  of  telework  in 
the  federal  government  shows  high  eligi¬ 
bility  numbers  across  most  of  the  74 
agencies  surveyed,  indicating  OPM  has 
fixed  the  problem. 

That  means  now,  with  good  data  in  hand, 
OPM  Director  Kay  Coles  James  can  call  up 


Secretary  Tom  Ridge  and  ask,  “Hey,  Tom, 
how  come  the  Department  of  Homeland 
Security  has  25,803  employees  eligible  to 
telework  but  only  392  who  do?” 

Speaking  of  Homeland  Security,  this 
year’s  report  puts  a  strong  emphasis  on 
using  telework  for  emergency  prepared¬ 
ness  —  a  no-brainer  concept  telework 
advocates  have  been  screaming  about  for 
years.  OPM  wants  agencies  to  have  experi¬ 
enced  teleworkers  and  managers  who  can 
keep  agencies  running  remotely  should 
disaster  strike. 

The  report  states  that  telework  has  “been 
integrated  into  the  federal  government’s 
Continuity  of  Operations  Plans  (COOP), 
and  OPM  is  laying  the  groundwork  for 
including  telework  in  its  evaluation  of 
agency  human  resources  programs. 
Besides  holding  agencies  accountable,  this 
change  will  define  telework  clearly  as  a 
basic  [HR]  tool,  rather  than  a  new  program 
in  need  of  promotion.” 

By  the  way  the  shift  away  from  using  tele 
work  to  meet  environmental  goals  —  such 
as  decreasing  vehicular  emissions  by  get¬ 
ting  cars  off  the  roads  —  jibes  neatly  with 
another  statistic  from  the  report:  In  2003 
69%  of  federal  teleworkers  worked  outside 


the  metropolitan  Washington,  D.C.,  area, 
compared  with  31%  who  reside  in  the  area. 
So  much  for  easing  Metro  D.C.  gridlock. 

Tying  telework  to  national  security  is 
smart  business,  considering  how  much 
work  there’s  still  left  to  do.The  survey  found 
the  number  of  employees  eligible  to  tele 
work  rose  20%  in  2003  from  625,313  to 
75 1,844.  However,  the  percentage  of  federal 
employees  who  actually  teleworked  in 
2003  remained  “stable”  at  14%,  and  tele 
work  center  usage  dropped  5%.  Keep  in 
mind,  by  April  2004, 100%  of  eligible  feder¬ 
al  employees  were  to  have  been  telework¬ 
ing  as  mandated  by  section  359  of  Public 
Law  106-346. 

Each  year  this  survey  is  run,  the  barriers 
to  telework  swap  rank.  This  year,  the  top 
barrier  was  the  nature  of  agency  work,  fol¬ 
lowed  by  office  coverage  challenges,  data 
security,  management  resistance,  and  fund¬ 
ing  for  equipment  and  IT.That  the  nature  of 
agency  work  ranked  highest  again  points 
to  managers  not  doing  enough  to  bring 
telework  into  the  office.  The  work  generat¬ 
ed  by  most  professional  and  administrative 
jobs  can  be  taken  home  at  least  one  day 
per  week;  a  lot  of  people  could  benefit 
from  a  weekly  catch-up-on  paperwork  day 


Specific  IT  statistics  of  interest  include: 

•  Ten  agencies  purchase  all  equipment 
for  teleworkers,  and  five  more  reimburse 
employees  for  purchased  equipment. 
Eighteen  said  they  share  the  cost  with 
employees;  21%  provide  excess  or  surplus 
equipment  to  teleworkers.  But  23  agencies 
said  employees  purchase  all  their  own 
equipment. 

•  Fifty-eight  agencies  provide  tele¬ 
phone  help  desk  support  to  teleworkers; 
12  offer  IT  services  at  the  teleworker’s 
alternate  work  site;  and  34  let  employ¬ 
ees  bring  broken  equipment  into  the 
office  for  repair.  Seven  agencies  offer  no 
IT  support  to  teleworkers. 

Last,  in  2001,  President  Bush  added  tele¬ 
work  to  his  New  Freedom  Initiative,  geared 
to  expand  jobs  for  disabled  people.  In¬ 
terestingly  the  number  of  employees  using 
telework  for  health  and  disability  reasons 
jumped  120%,  from  1,749  in  2002  to  3,849 
in  2003. 

The  full  text  of  the  report  is  available  at 
www.nwfusion.com,  DocFinder:  2329. 

Kistner  is  managing  editor  of  the 
Net.  Worker  section  of  Network  World.  She 
can  be  reached  at  tkistner@nww.com. 


Taxation 

continued  from  page  41 

and  public  utilities.”  Other  benefits  include 
employment  and  cultural  opportunities. 
The  court  said  just  because  an  employee 
chooses  to  telework,  that  “does  not  dimin¬ 
ish  what  New  York  provides  in  order  to 
enable  him  to  earn  that  income.” 

The  court  also  argued  that  because  many 
states  impose  no  income  tax  on  residents 
or  tax  at  a  lower  rate,  telework  is  a  way  for 
non-residents  to  avoid  paying  New  York 
state  income  taxes;  the  rule  prevents  “sub¬ 
terfuge”  by  non-residents.  If  your  company 
didn’t  hire  you  to  work  out  of  your 
Connecticut  home,  then  you  shouldn’t  be 
paid  to  work  there,  or  be  given  a  unilateral 
choice  to  say  where  your  income  comes 
from,  the  court  said. 

“But  the  underlying  assumption  is  that 
telecommuters  who  say  they’re  working  at 
home  aren’t  really  doing  soj’Goluboff  says. 
“That  seems  to  be  more  of  a  traditional 
management  objection  than  it  should  be 
of  a  New  York  state  taxing  authority’ 

However,  the  case  of  Thomas  Huckaby 
presents  a  stronger  challenge  to  New  York 
State’s  “convenience  of  employer”  rule. 
Because  he  lives  in  Nashville  and  works  in 
New  York  only  75%  of  the  time,  Huckaby 
rarely  receives  the  New  York  State  benefits 
enjoyed  by  neighbor-state  commuters  like 
Zelinksy 

Going  underground? 

The  problem  of  double  taxation  first 
came  to  the  attention  of  then-Connecticut 
Tax  Commissioner  Gene  Gavin  in  the  mid- 
1990s.  As  president  of  the  North  Eastern 
State  Tax  Officials  Association,  Gavin  and 


his  group  recommended  that  member 
states  adopt  a  physical  presence  test  for 
allocating  the  income  of  non-resident  em¬ 
ployees  based  on  where  the  employees 
worked.  New  York,  Pennsylvania  and  New 
Jersey  refused,  although  New  Jersey  gives 
taxpayers  a  credit  for  taxes  paid  to  New 
York.  The  only  other  state  to  cite  “conve¬ 
nience  of  employer”  rule  is  Nebraska. 

“If  New  York  gave  up  its  position,  it  would 
lose  millions  in  revenue  each  year]’  Gavin 
says.  Some  say  about  $100  million.  “New 
York’s  stand  isn’t  based  on  progress,  it’s 
based  on  saving  money  It’s  a  dinosaur  hun¬ 
gry  for  revenue,  not  for  progress.” 

IBM  and  Citicorp  are  among  two  of  the 
largest  New  York  employers  with  Con¬ 
necticut  telecommuters.  An  IBM  market¬ 
ing  manager  who  lives  in  Connecticut  and 
teleworks  says  he  knows  of  at  least  three 
other  employees  who  are  also  double 
taxed  by  New  York.  The  employee,  who 
asked  not  to  be  named,  assumes  there  are 
hundreds  more  but  says  the  nature  of  tele¬ 
work  makes  it  difficult  to  find  them. 

“We've  talked  to  IBM  corporate.  They’re 
aware  of  the  problem  and  sympathetic,  but 
they  say  not  much  can  be  done.  This  is  a 
nasty  but  effective  way  to  dun  small  fry  like 
me  for  a  couple  thousand  dollars.  I  can’t 
afford  an  attorney  to  fight  it.” 

IBM  corporate  did  not  comment  for  this 
story. 

Even  so,  the  employee  concedes  double 
taxation  isn’t  enough  of  a  disincentive  to 
stop  teleworking.’Jt’s  important  for  IBM  to 
have  us  all  mobile.  Even  if  it  comes  at  the 
cost  of  a  couple  grand  a  year,  the  needs  of 
the  business  and  the  needs  of  my  person¬ 
al  convenience  outweigh  [the  tax].” 

Telework  consultant  Gil  Gordon  agrees 


that  double  taxation  is  an  annoyance,  but  it 
doesn’t  deter  telework. 

“The  bigger  issue  involves  corporate  taxa¬ 
tion,”  he  says.“Does  the  fact  that  a  corpora¬ 
tion  based  in  State  A  that  has  teleworkers  in 
State  B  mean  that  the  corporation  now  has 
a  business  presence  in  State  B  and  thus 
faces  a  corporate  tax  liability  even  though 
those  teleworkers  are  the  only  tangible  evi¬ 
dence  of  the  employer’s  presence?  This 
issue  needs  to  be  clarified,  too.” 

On  the  other  hand,  the  IBM  employee 
wonders  about  the  long-term  implications 
of  double  taxation.  “In  time,  people  might 
reason  that  if  New  York  is  going  to  be  a  big¬ 
ger  bully  than  their  home  state,  then  they’ll 
just  pay  tax  to  New  York.  This  could  drive 
legitimate  aboveground  people  into  non- 
compliance,”  he  says. 

Possible  resolutions 

Currently  there  are  two  avenues  to  pro¬ 
hibit  New  York  from  double  taxing  tele 
workers.  One,  the  Supreme  Court  agrees  to 
hear  the  Huckaby  case,  the  Nashville  resi¬ 
dent  who  spends  25%  of  his  work  time  in 
New  York,  and  deems  New  York’s  “conve 
nience  of  employer”  rule  unconstitutional. 
The  other  is  for  Congress  to  pass  legislation 
prohibiting  the  practice. 

Last  month,  just  after  the  Supreme  Court 
refused  to  hear  the  Zelinsky  case,  federal 
draft  legislation  was  introduced.  The  pro¬ 
posed  legislation  would  prevent  a  state 
from  deeming  a  nonresident  to  be  pre¬ 
sent  in  or  working  in  the  taxing  state 
when  the  nonresident  is  not  physically 
present  in  that  state.  The  law  would  pre¬ 
vent  a  state  from  imposing  nonresident 
income  taxes  for  any  time  the  nonresi¬ 
dent  is  present  elsewhere. 


Although  it  has  no  sponsor,  Zelinsky  sup¬ 
ports  the  bill  and  says  he  believes  “support 
is  imminent.” 

The  bill  is  expected  to  garner  strong  sup¬ 
port  because  telework  is  a  component  in 
four  of  President  Bush’s  public  policy  ini¬ 
tiatives.  These  include  assuring  continuity 
of  government  in  the  event  of  a  disaster 
(H.R.2844,the  Continuity  in  Representation 
Act  of  2004,  and  the  Continuity  of 
Operations  Program);  compliance  with  the 
federal  employee  telework  mandate 
(Public  Law  106-346),  the  New  Freedom 
Initiative,  which  helps  disabled  workers  and 
Public  Law  107-1 71,  which  helps  rural  com¬ 
munities  expand  their  economies. 

“The  states  are  trying  to  reduce  traffic 
congestion,  improve  the  environment,  and 
provide  opportunities  for  older  and  dis¬ 
abled  workers,  while  imposing  taxes  that 
contradict  these  efforts," says  Chuck  Wilsker, 
president  of  the  Telework  Coalition.  “We 
believe  the  federal  government  must  step 
in  to  correct  this  situation.”  ■ 


More  online! 

The  Telework  Coalition  has  posted  a  letter  urging 
Congress  to  support  a  bill  that  prohibits  New  York 
state  from  taxing  non-resident  teleworkers  on  income 
they  earn  while  teleworking  in  their  home  state. 
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Update 

■  AN  INSIDE  LOOK  AT  THE 
TECHNOLOGIES  AND  STANDARDS 
SHAPING  YOUR  NETWORK 


WSS  protects  SOAP  messages 


HOW  IT  WORKS 


Web  Services  Security 


Designed  to  let  Web  services  pass  secure,  signed 
messages,  OASIS’  WSS  standard  specifies  mechanisms 
for  attaching  security  tokens  to  SOAP  messages. 
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Web  service 


O  The  initial  sender  prepares  a  request  message,  signing  certain  portions  of  it.  Some  of  the 
data  is  also  encrypted. 

©  The  intermediary  node  augments  the  message  with  additional  data,  signing  over  that  data 
and  portions  of  the  original  data  to  cryptographically  bind  them  together.  This  node  does  not 
have  the  key  necessary  to  read  the  encrypted  data,  but  passes  it  along  as  received. 

©  The  Web  service  processes  the  data,  verifies  the  signatures  and  reads  the  encrypted  data. 

©  The  Web  service  sends  a  response  message.  Portions  of  it  may  be  signed  and/or  encrypted. 


H  BY  HAL  LOCKHART 

The  Web  Services  Security  specification 
defines  mechanisms  to  protect  messages 
designed  for  use  with  Web  services.  The 
Web  Services  Security  Technical  Commit¬ 
tee  of  the  Organization  for  the  Advance¬ 
ment  of  Structured  Information  Standards 
developed  the  standard. 

Web  services  applications  communicate 
using  Simple  Object  Access  Protocol 
(SOAP)  messages,  which  are  defined  in 
XML. These  messages  are  most  often  trans¬ 
ported  over  HTTP  but  can,  in  principle,  be 
carried  over  any  underlying  protocol.  WSS 
provides  a  framework  for  encrypting,  sign¬ 
ing  and  authenticating  SOAP  messages. 

WSS  also  defines  XML  elements  that  can 
be  used  to  provide  integrity  (write)  protec¬ 
tion,  confidentiality  (read)  protection  and 
authentication.  It  does  this  by  using  other 
specifications,  while  adding  some  key  ele¬ 
ments  of  its  own. 

WSS  implements  digital  signatures  and 
encryption  by  referencing  the  XML  digital 
signature  and  XML  encryption  recommen¬ 
dations  developed  at  the  World  Wide  Web 
Consortium. 

Processing  digital  signatures  of  XML  doc¬ 
uments  is  complex  because  slightly  differ¬ 
ent  forms  of  the  same  document  are  con¬ 
sidered  to  have  the  same  meaning.  For 
example,  white  space  can  be  added  or 
removed,  and  declarations  can  be  moved 
or  eliminated  if  they  are  redundant. 
Because  these  variations  would  produce 
spurious  signature  validation  errors,  it  is 
necessary  to  define  a  standardized,  or 
canonical,  form  for  an  XML  document.The 
sender  computes  and  signs  the  canonical 
form.  The  receiver  also  computes  the 


canonical  form  to  verify  the  signature. 

Because  Web  services  will  be  used  in 
many  environments,  WSS  makes  it  possible 
to  use  various  systems  to  distribute  keys 
and  other  authentication  information  in 
what  it  refers  to  as  tokens.X.509  certificates 
and  Kerberos  tickets  are  carried  in  binary 
tokens,  while  SAML  assertions  and  XrML 
licenses  are  XML  tokens. WSS  also  defines  a 
user-name  token,  which  might  be  used  in 
conjunction  with  a  password. 

The  most  important  new  element  WSS 
defines  is  called  Security  and  contains 
XML  elements  related  to  message  protec¬ 
tion.  The  Security  element  appears  in  the 


SOAP  header,  and  there  can  be  one  for 
each  node  that  will  receive  the  message. 
The  information  in  the  Security  element 
lets  a  sender  tell  a  receiver  what  data  has 
been  signed  and  what  has  been  encryp¬ 
ted,  the  order  in  which  to  perform  the  oper¬ 
ations  and  what  keys  to  use.  WSS  also  lets 
senders  specify  the  creation  and/or  expira¬ 
tion  date/time  of  security  information. 

There  also  is  a  security  token  reference, 
which  is  used  to  point  to  tokens  under  var¬ 
ious  circumstances,  such  as  when  it  is  used 
more  than  once  within  a  message. 

WSS  does  not  specify  a  particular  set  of 
message  exchanges  and  cryptographic 


operations  the  way  Kerberos  or  Secure 
Sockets  Layer  (SSL)/Transport  Layer  Secur¬ 
ity  (TLS)  do.  It  is  expected  that  other  speci¬ 
fications  will  describe  detailed  usage  pat¬ 
terns  and  even  add  elements  to  implement 
and  optimize  complex  capabilities.  How¬ 
ever,  WSS  can  be  used  directly  to  meet  sim¬ 
ple  needs,  such  as  signing  or  encrypting 
portions  of  a  single  message. 

WSS  consists  of  a  core  specification  and 
a  profile  for  each  token  type.  Work  on  the 
standard  began  in  the  fall  of  2002. 

In  April,  OASIS  approved  the  WSS:  SOAP 
Message  Security  1.0  core  specification 
and  the  WSS:  Username  Token  Profile  1 .0 
and  Web  Services  Security:  X509  Token 
Profile  l.O.The  WSS  Technical  Committee  is 
working  on  SAML,  Kerberos  and  XrML 
token  profiles. 

Alternative  mechanisms,  such  as  SSL/ 
TLS,  can  be  used  to  protect  Web  services 
messages.  For  many  applications  they 
might  prove  satisfactory,  but  they  have 
more  limitations  than  WSS.  For  example, 
WSS  permits  the  signing  and/or  encryp¬ 
tion  of  selected  portions  of  a  message.  It 
is  possible  for  a  message  to  be  signed  at 
one  node,  additional  data  to  be  added 
and  signed  by  a  second  node,  and  finally 
verified  by  the  receiver.  And  an  interme¬ 
diate  node  can  process  portions  of  the 
message,  even  though  other  portions 
have  been  encrypted.  As  Web  services 
become  more  complex,  the  need  for  WSS 
will  increase. 

Lockhart  is  a  principal  engineering  tech¬ 
nologist  for  BEA  Systems  and  a  member  of 
several  OASIS  committees,  including  the 
WSS  Technical  Committee.  He  can  be 
reached  at  hlockhar@bea.com. 


Dr.  Internet 


By  Steve  Blass 


What  will  come  next  after  phishing  scams? 

Phishing  is  the  use  of  spoofed  e-mails  and  Web 
sites  to  fool  recipients  into  divulging  personal 
financial  data  by  convincing  them  to  respond  to 
what  seem  to  be  legitimate  communications.  We 
recommend  that  you  never  divulge  personal  infor¬ 
mation  unless  you  start  the  transaction.  Never 
click  links  in  e-mails  that  claim  to  be  from  your 
bank,  and  do  not  give  your  credit  information  to 


people  who  call  you  on  the  phone.  Start  fresh  by 
typing  the  Web  address  into  a  browser,  or  call  the 
company  yourself.  We  think  well  next  see  the 
online  analog  of  poachers  who  fish  (phish?)  with 
dynamite.  DNS  spoofing  and  DNS  cache  poison¬ 
ing  are  already  problems.  We  recently  have  seen 
viruses  that  overwrite  DNS  server  settings  and 
host  files.  Now  is  the  time  to  learn  about  DNS  util 
ities  such  as  "dig"  and  to  write  down  the  IP  ad¬ 
dresses  of  the  servers  involved  in  your  financial 


life,  so  you  don't  lose  everything  to  a  sophisticated 
DNS  scam.  DNS  vulnerabilities  such  as  this  were 
described  10  years  ago  at  a  Usenix  Security  Con¬ 
ference,  and  very  little  has  been  done  to  fix  this. 
While  Berkeley  Internet  Name  Domain  is  no  longer 
easily  compromised;  it  is  still  easy  to  spoof  DNS. 

Blass  is  a  network  architect  at  Change@Work  in 
Houston.  He  can  be  reached  at  dr.internet@ 
changeatwork.  com. 
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Companies  adopting  HP  Integrity  servers,  powered  by  industry-leading 
Intel  Itanium  2  processors,  are  seeing  remarkable  gains  in  performance. 

The  momentum  is  building.  One  after  another,  companies  are  choosing  HP  Integrity  servers. 
Leading  software  and  technology  partners  such  as  BEA,  Microsoft,5  Oracle,  SAP  and  Siebel 


See  who's  choosing 
HP  Integrity  servers 
and  choosing  results, 


Systems  have  embraced  the  platform  as  an  industry  standard.  And  with  the  ability  to  manage 
a  mixed  environment  of  UNIX,  Microsoft"  Windows®  Linux  and  OpenVMS,  HP  Integrity  servers  are 
fast  becoming  the  ultimate  consolidation  tool.  Demand  maximum  performance,  reliability  and  cost- 
efficiency  now,  on  a  platform  that  will  carry  you  forward  into  the  future.  Demand  performance 
that's  real-world  proven,  and  get  it— with  HP  Integrity  server  solutions. 
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To  get  the  IDC  white  paper  outlining  the  performance  of  HP  Integrity  ser 
go  to  hp.com/go/demandlntegrityl3  or  call  1-800-282-6672,  optio 
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RSS  technology,  the  really  final  take.  Really. 


GEARKEAD 
INSIDE  THE 
NETWORK 
MACHINE 

Mark 

Gibbs 


So  this  week  will  really  be  the  final 
week  of  covering  RSS.  For  two  weeks 
now,  we  have  promised  to  wrap  up 
this  topic  and,  well,  we  failed.That  said,  we 
failed  with  panache,  with  moxie,  with  a 
certain  je  ne  sais  quoi  —  which  is  to  say 
that  we  did  as  we  pleased  in  an 
unabashed,  unashamed  and  uninhibited 
sort  of  way 

Last  week  we  concluded  with  JSMsg,  a 
unique  proposal  for  a  standard  that  lets 
users  who  don’t  have  any  kind  of  aggre¬ 
gator  installed  view  feeds  (see  www.nw 
fusion.com,  DocFinder:  2331). 

To  recapitulate:  In  the  words  of  the 
designer  of  JSMsg,  John  Repici  of 
Creativyst  Software:  “JSMsg  is  not  ‘yet 
another  RSS  flavor’. While  RSS  is  designed 
to  let  individuals  display  news  feeds  on 
installed  reader  software,  JSMsg  is 
designed  to  let  Web  masters  display  news 
feeds  directly  on  Web  pages.” 

Let  us  explain. When  you  run  a  Web  site 
and  you  want  to  provide  an  RSS  feed, 


you  use  some  kind  of  script  or  applica¬ 
tion  to  generate  the  feed,  which  is  just  an 
XML  file. 

For  clients  to  be  able  to  do  anything  with 
the  feed  they  must  have  an  aggregator  that 
takes  the  XML  and  reformats  it  into  some¬ 
thing  that  is  humanly  readable. 

If  you  want  to  show  the  contents  of  a 
feed  on  your  site  you  need  to  translate 
from  XML  to  HTML.  But  there’s  a  penalty 
—  to  show  human-readable  content  you 
need  software  and  extra  processing  to 
either  create  and  interpret  the  XML  feed 
data,  whether  created  on  your  site  or 
someone  else’s. 

An  even  more-compelling  reason  to  use 
JSMsg  is  that  if  you  create  feeds  that  you 
want  to  distribute  widely,  keep  in  mind 
that  any  site  that  can’t  create  HTML  from 
RSS  XML  is  not  going  to  be  able  to  use 
your  feed  —  with  JSMsg  they  can  with 
next  to  no  effort. 

JSMsg  also  reduces  the  bandwidth 
demand  on  sites  supplying  JSMsg  feeds. 
To  quote  Repici  again:  A  “JSMsg  feed  can 
be  a  regularly  updated  static  JavaScript 
file  residing  on  the  Web  server  so  it  works 
with  existing  Web  caching  schemes.lt  will 
be  cached  by  browsers  and  intermediate 
cache  mechanisms  based  on  304s  (not- 
modified)  statements  from  the  server  and 


other  criteria.While  it  may  also  be  dynam¬ 
ically  generated,  it  operates  completely 
within  the  existing  HTTP  framework.” 

How  does  it  work?  Glad  you  asked. 
JSMsg  simply  stores  the  content  of  an  RSS 
feed  in  a  file  nominally  called  JSMsg.js, 
though  this  is  not  mandatory  The  content 
must  be  JavaScript  compliant  with  Version 
1 . 1  or  lower. 

And  a  crucial  concept  in  this  scheme  is 
that  JSMsg  requires  namespaces  to  be 
used  so  that  content  from  multiple 
sources  can  be  combined  on  a  single  Web 
page. 

The  actual  JSMsg  file  contents  must  con¬ 
tain  seven  functions  (see  DocFinder: 
2332).  These  functions  provide  different 
displays  of  the  JSMsg  content,  from  show¬ 
ing  everything  to  randomly  selecting  sin¬ 
gle  items. 

So,  to  use  a  JSMsg  feed  on  your  site,  you 
need  to  use  the  following  HTML  code  in 
the  header  section  of  your  Web  page: 
<script  language=“javascript” 
SRC=”http://<domain>/<path>/<JSMsg- 
file>”> 

</script> 

And  in  HTML  body  you  need  to  include: 
<script  language=“javascript”> 
<namespace>.Msg(“Body”); 

</script> 


<script  language=”javascript”> 

<namespace>.Msg(“Attrib”); 

</script> 

In  this  example,  the  function 
Msg(msgPart[, Offset])  displays  a  part  of  a 
message  from  a  short  list  of  messages  kept 
in  the  JavaScript  file  and  selects  which 
message  is  displayed  from  the  list  at  ran¬ 
dom. The  optional  Offset  parameter  speci¬ 
fies  a  message  number  offset  from  the  ran¬ 
dom  number. 

For  all  of  the  details  of  how  to  code  a 
JSMsg  file, see  DocFinder:  2333. 

But  given  that  so  few  feeds  exist  in  JSMsg 
format,  what  can  you  do  if  you  are  inter¬ 
ested  in  the  system?  The  answer  is  to  use  a 
translator.  Creativyst  provides  such  a  beast 
through  a  free  Perl  script  that  translates 
RSS  feeds  into  JSMsg  feeds  (see  Doc¬ 
Finder:  2334). 

This  script  can  be  run  in  a  Web  page  to 
dynamically  create  a  JSMsg  JavaScript  on 
the  fly,  or  it  can  be  run  as  a  scheduled 
cron  job  (or  whatever  your  server  uses)  as 
frequently  as  needed  to  update  static 
JavaScript  files. 

The  entire  JSMsg  proposal  is  public 
domain  and ,  we  think,  an  interesting  and 
powerful  idea.  Tell  Gearhead  what  you 
think  at  gearhead@gibbs.com. 


CoolToo 

Quick  takes 
on  high-tech  toys 

By  Keith  Shaw 


We’re  taking  a  break  from  testing  this  week  to  catch 
up  on  some  of  the  latest  news  . . . 


Axis  launches  megapixel  network  camera 


Axis  Communications  last  week  announced  the  Axis 
206M  network  camera,  which  it  says  is  the  world’s  smallest 
network  camera  with  megapixel  resolution.  Aimed  at 
indoor  surveillance  applications,  the  206M  supports  resolu¬ 
tions  up  to  1 ,280  by  1 ,024  pix¬ 
els,  can  produce  an  image  in 
HDTV  16:9  widescreen  format 
and  transmit  images  at  a  rate 
of  up  to  12  frames  per  second. 

The  $399  device  comes  with 
the  company’s  Axis  Camera 
Explorer  software  to  let  users 
view  and  record  images  from 
the  camera. 

it  also  supports  Universal 
Plug  and  Play;  and  includes  a 
built-in  Web  server  and  the 
Axis  Internet  Dynamic  Do¬ 
main  Name  Service,  which 
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provides  a  Web  name  for  the  camera 
instead  of  an  IP  address.  The  camera  is 
expected  to  be  released  next  month. 


Buffalo  jumps  to  125M  bit/sec  wireless 

Buffalo  Technology  recently  announced 
a  802. 1  lg  wireless  LAN  router  that  includes 
a  125M  bit/sec  high-speed  mode. 

The  wireless  cable/DSL  router  (Model 
WHR3-G54)  includes  four  Ethernet  ports 
for  other  computers,  and  uses  Buffalo’s  Air- 
Station  One-Touch  Secure  System  for  a 
quick  one-button  setup  of  the  network’s 
security  and  configuration  settings.  The 
high-speed  mode,  when  used  with  similar 
high-speed  mode  equipment  from  Buffalo, 
offers  up  to  98.7M  bit/sec  throughput  (the 
125  figure  is  without  overhead)  across  the 
LAN,  the  company  says. 

Other  features  of  the  $  1 30  router  include  security  support 
for  Wi-Fi  Protected  Access, Temporal  Key  Integrity  Protocol, 
Advanced  Encryption  System,  802.  lx  and  128/64-bit  Wired 
Equivalent  Privacy  Intrusion  detection,  media  access  con¬ 
trol  address  registration,  a  privacy  separator,  and  dynamic 
packet  filtering  also  are  included.  Other  high-speed  mode 
equipment  includes  a  PCI  adapter  (Model  WLIT-PCI-G54S) 
and  notebook  adapter  (Model  WLI-CB-G54S),  priced  at 
$100  each. 


Kanguru  lets  users  double  their 
storage 

Kanguru  Solutions  has  a  new  built- 
in  data  compression  feature  that  lets 
the  KanguruMicro  Drive  2.0  reach  up 
to  8G  bytes  of  storage  capacity 


The  KanguruGuard  Compression  feature 
will  be  available  on  all  the  company’s  USB 
flash  drives,  effectively  doubling  the  stor¬ 
age  available  on  the  devices.  For  example, 
a  user  who  buys  a  128M-byte  Kang¬ 
uruMicro  Drive  gets  256M  bytes  of  space 
with  the  compression  function  enabled. 

Drives  also  are  equipped  with  128-bit 
encryption;  and  DES,Triple-DES  and  Blow- 
fish  encryption  methods  are  available  on 
request,  Kanguru  says.  The  drives  are 
priced  starting  at  $30  for  the  32M-byte  ver¬ 
sion  and  go  up  to  $1,700  for  the  4G-byte 
model. 


Speeds  of  125M  bit/sec 
are  available  with 
Buffalo's  new  wireless 
LAN  router. 


Lexmark  launches  new  desktop  laser 
printers 

Lexmark  last  week  launched  a  new  set  of 
desktop  laser  printers  that  include  space  con¬ 
solidation  and  paper-feeding  design  improvements. 

The  E232,  E232t,  E330,  E332n  and  E332tn  monochrome 
laser  printers  are  aimed  at  home  offices,  and  small  and 
midsize  businesses. 

The  $200  E232  and  $300  E232t  are  geared  at  personal 
and  home-office  use,  and  offer  speeds  up  to  22  pages  per 
minute,  with  a  first-page  speed  of  up  to  8.5  seconds, 
Lexmark  says.  The  $400  E330  has  a  200-MHz  processor 
and  prints  up  to  27  pages  per  minute;  and 
the  $500  E332n  includes  an  internal  net¬ 
work  adapter.  The  $600  E332tn  comes  with 
a  second  550-sheet  paper  drawer. 

The  printers  also  include  Lexmark’s 
MarkVision  network  management  software, 
to  let  IT  managers  monitor  and  manage 
their  printers. 


Axis’  small  network 
offers  megapixel 
resolution. 


You  can  save  space  with 
Lexmark's  new  printers. 


Shaw  can  be  reached  at  kshaw 
@n  ww.com. 
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Heard  about 

Sobig,  Blaster, 
and  MyDoom? 


In  recent  years,  IT  has  made  a  significant  invest¬ 
ment  in  security,  yielding  achievements  that  have 
been  the  foundation  to  enabling  trusted  computing 
from  virtually  any  location,  at  any  time.  Despite 
these  efforts,  new  types  of  attacks  have  emerged 
in  recent  months  that  have  dramatically  overrun 
existing  security  measures.  These  hybrid 
exploits,  such  as  Sobig,  Blaster,  and  MyDoom, 
are  an  amalgam  of  viruses,  worms, Trojans,  and 

—  for  many,  the  most  effective  element  — 
social  engineering  that  leads  to  their  execu¬ 
tion  by  an  unwitting  recipient.  Classed  when 
they  appear  as  “zero-day"  exploits,  they  can 
spread  quickly  throughout  much  of  the 
Internet,  no  matter  how  rapidly  counter¬ 
measures  are  deployed.  They  may  leave 
behind  lingering  threats,  such  as  back 
doors  that  leave  a  compromised  system 

-  and  its  users  -  vulnerable  to  further 
exploitation  and  leakage  of  sensitive 
information.  While  their  effect  has  so  far  has  been 
felt  mostly  in  terms  of  consumed  resources  and 
remediation,  they  have  cost  IT  billions  of  dollars 
regardless,  by  any  estimate.  And  this  is  without  hav¬ 
ing  truly  manifested  the  full  destructive  potential  of 
which  they  could  be  made  capable. 


Network  World  Fusion  offers 
a  SPECIAL  REPORT: 


In  this  Special  Report,  we  take  a  look  at  an  emerg¬ 
ing  effort  to  contain  these  exposures,  through 
enforcing  compliance  with  endpoint  security  meas¬ 
ures,  as  well  as  other  initiatives  intended  to  better 
protect  both  the  endpoints  and  the  trusted  networks 
to  which  they  connect. 


The  Network  Endpoint: 

Target  of  Opportunity 

For  a  limited  time,  you  can  get  a  copy  of  this  SPECIAL  REPORT 


Take  advantage  of  this  free  offer  from  Network 
World  Fusion  and  secure  your  copy  of  the  SPECIAL 
REPORT:  The  Network  Endpoint:  Target  of 
Opportunity  in  PDF  format  today. 


m  rur  Tormai,  iree.  just  download  your  ti 
http://nww1.com/go/ad438.html  (registration  required) 


About  the  Author 

This  SPECIAL  REPORT  is  authored  by  Scott 
Crawford,  CISSP,  a  senior  analyst  with  Enterprise 
Management  Associates  (EMA),  an  IT  industry 
analyst  firm  headquartered  in  Boulder,  Colorado. 
The  firm  focuses  on  all  aspects  of  IT  management 
systems,  software  and  services. 
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CONSIDER  YOUR  NATIONAL  RETAIL  NETWORK.  Consider  the  dots  connected. 


Now  we  can  design,  deliver  and  manage  a  data  integration  system  that 
brings  it  all  together.  Converge  every  kind  of  business  network  -  dealers, 
brokers,  suppliers,  customers  -  across  platforms,  across  America.  All  on 
the  strong,  reliable  backbone  of  the  SBC  network.  To  connect  the  dots 


coast  to  coast,  talk  to  your  SBC  account  representative,  sbc.com/dots 


GOING  BEYOND  THE  CALL?  (SBC 


w) 


6/7/04 


ON  TECHNOLOGY 

John  Dix 

A  few  Interop 
notes  worth 
sharing 


Although  NetYVorld+Interop  has  come  and  gone, a 
review  of  my  notebook  turned  up  some  exchanges 
that  are  worth  passing  on. 

•  John  McHugh,  vice  president  and  worldwide  general 
manager  of  HP’s  ProCurve  Networking  Business, said  HP 
won’t  come  out  with  a  wireless  LAN  switch,  but  likely  will 
offer  a  WLAN  blade  for  a  chassis-based  switch,  the  same 
approach  Cisco  and  Extreme  Networks  have  taken. 

In  keeping  with  its  Adaptive  Edge  Architecture,  where  HP 
is  pushing  intelligence  to  the  edge  —  processing,  deep 
packet  inspection, switching  —  wireless  security  will 
require  logging  on  and  authenticating  at  the  edge.  But 
McHugh  acknowledged  the  company  is  still  in  the  process 
of  “stitching  the  quilt  together  to  make  it  work.” 

Asked  how  HP’s  approach  compares  with  Cisco’s  newly 
announced  WLAN  Services  Module,  McHugh  said, “Cisco  is 
trying  to  address  mobility  from  the  center  of  the  net.  I  don’t 
think  that  scales. You  can’t  roam  across  multiple  Cisco 
blades,  for  example.  Mobility,  security  and  convergence  are 
all  really  edge  constructs,  not  core.” 

•  Dan  Simone,  vice  president  of  product  management 
and  co-founder  of  Trapeze  Networks,  also  cited  mobility 
when  asked  to  compare  his  company  with  other  WLAN 
players:“Some  are  focused  on  radio  frequency, and  oth¬ 
ers  on  security. Trapeze  is  all  about  mobility  and  identity. 
We  deliver  trusted  users  to  trusted  services  —  a  net-cen¬ 
tric  view  —  and  make  users  mobile.” 

He  says  this  adds  up  to  a  sustainable  business  model 
and  argues  —  obviously  in  a  self-serving  manner  —  that 
RF  and  security  features  will  simply  get  baked  into  silicon 
over  time. 

Trapeze’s  secret?  “The  way  switches  share  information,” 
Simone  says. “Switches  understand  each  other  and  create  a 
mobility  domain.”That  will  become  more  important  as  cus¬ 
tomers  add  voice  support.“I  haven’t  been  in  a  discussion 
with  a  customer  where  voice  support  doesn’t  come  up,  but 
only  a  fraction  of  people  are  doing  it  now” 

•  Richard  Klapman,  product  director  of  AT&T’s  data  net¬ 
work  services,  was  at  N+I  to  talk  up  metropolitan  Ethernet. 

AT&T,  which  has  joined  the  Metro  Ethernet  Forum, 
offers  metro  Ethernet  services  that  range  in  speed  from 
2M  up  to  1G  bit/sec  and  can  be  used  to  connect  a  single 
building  to  the  Internet  or  link  multiple  buildings.The 
company  also  is  trialing  the  service  as  a  way  to  connect 
a  data  center  to  a  hub  that  is  linked  to  branch  offices 
using  frame  relay. 

Klapman  said  metropolitan  Ethernet  will  hit  the  knee  of 
the  curve  in  two  years. 


—  John  Dix 
Editor  in  chief 
jdix@nww.com 
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opinions 


No  getting  away  from  itiots' 

Regarding  Mark  Gibbs’  Backspin  column  “The  fall 
of  the  ‘itiot’”  (www.nwfusion.com,  DocFinder: 
2324):  I  like  Gibbs’  suggestion  that  companies 
adopt  a  Total  Computing  Initiative,  but  in  my  esti¬ 
mation,  the  likelihood  of  success  is  about  the  same 
as  everyone  getting  that  “million  dollars  and  a 
yacht”  deal  Gibbs  mentions.  As  long  as  software 
and  hardware  advertisers  exaggerate  the  ease  of 
using  their  products  and  employees  know  that  the 
IT  guys  are  down  the  hall  and  are  being  paid  to  fix 
things,  all  the  training  in  the  world  won’t  change 
the  situation.  Instead,  maybe  we  should  take  a  cue 
from  Arizona’s  “Stupid  La\y”  which  requires  people 
who  drive  into  flooded  areas  despite  signs  and  bar¬ 
ricades  to  pay  for  the  cost  of  their  rescue. 
Companies  could  charge  departments  when  IT  has 
to  step  in  and  fix  a  problem  that  should  never  have 
happened.  If  you  want  corporate  folks  to  change, 
hit  them  hard  —  in  the  budget. 

Maria  Muto-Porter 
Owner 

Muto  Management  Associates 
Phoenix 

I  used  to  work  in  IS  at  a  hospital.  On  my  whiteboard 
I  had  what  I  called  the  “ID  10  T”  list  —  which,  with  a 
little  study,  you  can  tell  means  “IDIOT.”  I  placed  folks 
on  it  who  called  with  dumb  questions. 

My  favorite  call  was  from  a  woman  who  said  her 
monitor  was  not  working.  I  asked  her  if  the  green 
power  light  in  the  lower  right  corner  of  the  monitor 
was  on.  She  said  yes.  I  then  asked  if  the  cable  from 
the  monitor  was  connected  to  the  back  of  her  PC. 
She  said  yes.  I  walked  over  to  her  office,  entered  the 
room  and  immediately  saw  a  cable  dangling  from 
the  back  of  her  monitor.  I  attached  the  cable,  took 

E-mail  letters  to  jdix@nww.com  or  send  them  to  John  Dix.  editor  in 
chief,  Network  World,  It 8  Turnpike  Road,  Southborough,  MA  01772. 
Please  include  phone  number  and  address  for  verification. 


my  itty-bitty  screwdriver  from  my  pocket  and 
screwed  it  in,  and  turned  to  leave.  She  asked  me 
what  had  been  wrong.  I  replied, “ID  10  T  issue,”  left 
the  room  and  promptly  placed  her  name  at  the  top 
of  my  list. 

Carl  Hooker 
Graniteville.Vt. 

Mark  Gibbs’  column  “The  fall  of  the  ‘itiot’”  is  nothing 
more  that  an  attack  on  computer  operators.  IT  pro¬ 
fessionals,  from  Tier  1  to  CIO,  need  to  realize  that 
they  provide  a  business  service.  A  big  part  of  that 
service  is  user  support.  If  you  are  spending  a  lot  of 
time  on  “stupid  users”  who  don’t  know  how  to  oper¬ 
ate  their  machines  in  a  way  that  is  consistent  with 
company  policy  then  this  is  a  management  issue 
and  not  a  user  issue. 

Furthermore, Gibbs’  recommendation  regarding  a 
Total  Computing  Initiative  is  also  a  management 
issue.  It  is  management’s  responsibility  to  create, 
implement  and  enforce  company  policy  One  way 
to  solve  user-related  problems  is  to  create  profiles 
that  give  users  access  to  only  those  computer 
resources  they  need  to  perform  their  jobs.  I  can’t 
begin  to  tell  you  how  many  times  I  have  seen  a 
company  roll  out  an  office  full  of  Windows  boxes 
with  a  default  vendor  configuration.  Before  the 
acquisition  of  any  new  computer  platforms  for 
widespread  deployment,  a  company  should  de¬ 
velop  its  own  default  configuration  for  its 
machines  before  roll  out.  It’s  just  common  sense. 

Finally,  the  real  reason  I  dislike  Gibbs’  column  is 
that  it  reminds  of  the  finger-pointing  and  blame-lay¬ 
ing  that  is  so  endemic  in  the  corporate  world  today 
The  bottom  line  is,  it  doesn’t  matter  whose  fault  it 
is.  Anything  that  wastes  time  and  money  is  bad.  And 
to  that  end,  it  is  management  that  should  answer 
for  its  failure  to  oversee  the  proper  use  of  company 
resources. 

Jonathan  Iannone 
Boston 
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USER  VIEW 

Chuck  Yoke 


uring  my  20  years  in  IT,  I  have  seen  the 
premature  death  notices  of  many  tech¬ 
nologies  that  are  still  very  much  alive.  1 
have  read  the  obituaries  of  SNA,  token  ring, 
ISDN  and  COBOL.  Analysts  have  invited  me  to 
witness  the  demise  of  the  mainframe,  LAN 
bridging  and  IPv4.  And  yet,  each  one  is  still  in 
use  today  Some  have  taken  on  new  identities  (LAN  bridging  is  now 
called  Layer  2  switching),  while  others  still  are  functioning  in  their  orig¬ 
inal  wrappers  more  than  10  years  after  the  proclamation  of  their  death. 

So  it  was  with  amusement  that  1  recently  heard  some  analysts  pro¬ 
claim  the  death  of  H.323.Both  beloved  and  hated,  H. 323  is  the  epitome 
of  the  two-faced  devil  for  VoIP  On  the  one  hand,  H.323  has  been  the 
enabler  of  almost  all  IP-based  telephony  implementations  in  use.  On 
the  other  hand,  H.323  has  been  the  biggest  barrier  to  fully  deploying 
true  multi-vendor  IP  telephony 

H.323’s  failing  is  partly  because  of  one  of  its  original  benefits  —  its 
flexibility. Vendors  could  manipulate  the  H.323  specification  so  much 
that  it  was  possible  to  have  an  “H.323-compliant”  device  that  could 
not  interoperate  with  another  vendors  “H.323-compIiant”  device. 
H.323  also  suffered  from  performance  issues.Vendors  could  develop 
their  own  proprietary  algorithms  that  provided  better  voice  quality 
and  less  latency 

To  overcome  these  issues,  the  IETF  developed  Session  Initiation  Proto¬ 
col  (SIP).  SIP  provides  the  same  signaling  functionality  as  H.323  and 
can  be  used  for  session  initiation,  call  setup,  call  tear-down,  call  routing 
and  error  handling. 


Take  a  SIP,  but  don't  bury  H.323 


Because  H.323  originally  was  designed  for  multimedia  applications, 
it  is  complex  and  requires  multiple  messages  to  establish  a  communi¬ 
cations  session.  SIP  was  developed  primarily  for  VoIP  and  requires  less 
overhead. SIP  can  set  up  a  call  with  a  minimum  of  three  messages,  thus 
increasing  performance  over  H.323. 

Being  a  text-based  protocol,  SIP  implementations  are  easier  to 
develop  and  debug.  Implementing  multi-vendor  interoperability  is 
proving  to  be  much  easier  with  SIP  Unlike  H.323, SIP-compliant  devices 
communicate  with  one  another. 

SIP  is  not  perfect.  Because  it  is  User  Datagram  Protocol-based  and  uses 
explicit  static  addressing,  it  cannot  traverse  network  address  translation 
gateways  unless  Simple  Traversal  of  UDP  through  NAT,  NAT  probes  or 
other  SIP-aware  mechanisms  are  implemented.  Despite  this  flaw,  SIP  is  a 
major  advance  over  H.323  and  probably  will  become  the  protocol  of 
choice  for  VoIP  call  signaling.  However,  to  call  H.323  dead  is  premature. 

Last  July,  Gartner  predicted  that  by  the  end  of  2006, 50%  of  IP  enter¬ 
prise  telephony  systems  will  support  SIPThat  means  that  50%  of  the 
implementations  will  use  non-SIP  options  such  as  H.323.  Most  compa¬ 
nies  will  want  to  maximize  their  investment,  so  these  non-SIP  systems 
likely  will  remain  in  place  for  at  least  five  years.This  means  H.323  will 
be  alive  and  kicking  until  at  least  2011. 

H.323  is  as  “dead”  as  SNA,  ISDN  or  COBOL.  While  it  may  no  longer  be 
part  of  the  overall  VoIP  strategic  direction,  it  will  continue  to  be  used 
well  into  the  next  decade. 


SIP . . .  will  proba¬ 
bly  become  the 
protocol  of 
choice  for  VoIP 
call  signaling. 
However,  to  call 
H.323  dead  is 
premature. 


Yoke  is  director  of  business  solutions  engineering  for  a  corporate  net¬ 
work  in  Denver.  He  can  be  reached  at  ckyoke@yahoo.com. 


ON  SECURITY 

Winn  Schwartau 


i  hile  viruses  and  worms  relentlessly 
pound  away  at  our  perimeters,  the  lat¬ 
est  challenge  to  corporate  and  small 
office/home  office  users  is  phishing.  This  is 
where  you,  the  user,  are  the  fish,  susceptible  to  the  enticements  of  the 
phisherman.and  you  break  down  your  own  security  defenses  through 
sheer  gullibility. 

Say  you  receive  an  e-mail  purporting  to  be  from  service@paypal.com 
that  reads:“It  has  come  to  our  attention  that  your  account  needs  to  be 
updated  due  to  inactive  members,  frauds  and  spoof  reports.  If  you 
could  please  take  5  to  10  minutes  to  renew  your  records,  you  will  not 
run  into  any  future  problems  with  the  online  service.  However,  failure 
to  update  your  records  will  result  in  account  deletion.  Please  follow  the 
link  below  and  renew  your  account  information.” 

The  PayPal  logo  is  omnipresent.The  link  takes  you  right  to  the  PayPal 
personal  account  identity  verification  page.  You  make  your  changes 
and  are  done.  Maybe. 

Say  you  receive  an  e-mail  from  a  financial  institution  we’ll  call  the 
Bank  of  Stupidity  and  Liability  (S&L)  that  says:“To  enhance  the  level  of 
service  you  receive  with  Bank  of  S&L  Online  Services, were  requiring 
Online  Services  customers  to  change  their  customer  access  number, 
PIN  and  codeword  to  a  new  user  ID  and  password.  And  we’re  enhanc¬ 
ing  the  process  for  obtaining  your  password  should  you  ever  forget  it.” 

This  e-mail  also  contains  a  privacy  link,  but  no  bank  logo  or  other 
banking  credentials  to  verify  its  authenticity 

What  do  you  do?  First  of  all, as  a  corporate  or  SOHO  user, you  should 
be  suspicious  of  any  e-mail  that  asks  you  to  perform  security-related 
changes  or  verifications. 

In  the  PayPal  example,  I  looked  at  the  address  bar  URL  to  which  I  was 
directed  and  found  that  1  had  landed  at  www.edenbridals.com/wap/ 
verifyhtm,  not  PhyP&l.I  performed  a  WhoIs?,then  a  limited  scan  of  the 
IP  address  and  found  the  critical  security  ports  on  this  server  were  wide 
open.  A  hacker  had  found  a  poorly  configured  server,  created  HTML 


A  tale  of  stupidity  and  liability 


pages  to  echo  the  PayPal  site,  then  collected  users’ private  information. 

The  email  from  the  Bank  of  S&L  was  legitimate.  Here  was  a  leading 
financial  institution  sending  out  tons  of  emails  asking  people  to  change 
their  security  parameters  and  expecting  users  to  trust  the  email’s 
authenticity  My  guess  is  that  the  Bank  of  S&Ls  customer  service  depart¬ 
ment  needed  to  make  an  update,  so  they  embarked  on  this  plan. They 
probably  had  to  check  with  corporate  communications  and  the  legal 
department  to  get  the  wording  just  right.  But  they  clearly  never  talked  to 
the  bank’s  information  security  department,  which  (hopefully)  would 
have  screeched, “No  bloody  way!”  because  they  knew  (hopefully)  that 
the  proposed  e-mail  was  just  like  the  ones  sent  out  by  phishermen  in  the 
previous  few  weeks. 

How  is  the  casual  user  who  may  receive  hundreds  of  e-mails  per 
week  supposed  to  tell  the  difference  between  a  criminal  phishing 
expedition  and  an  act  of  corporate  stupidity?  Not  easily 

What  we  as  corporate  users  release  on  the  Internet  is  a  reflection  of 
how  we  do  business,  and  what  we  think  of  ourselves  and  our  cus¬ 
tomers.  It  also  reflects  a  simple  manner  in  which  companies  and  em¬ 
ployees  can  unintentionally  release  information  by  asking  the  wrong 
question  in  a  forum  and  using  your  real  company  user  name. 

If  you  receive  an  e-mail  purporting  to  be  from  some  organization  and 
suspect  something  is  amiss, call  the  company  on  the  telephone.  Do  not 
call  the  number  in  the  suspect  e-mail;  find  a  real  number  on  the  back 
of  a  credit  card  or  in  a  recent  billing  statement,  or  call  information  for 
a  toll-free  number,  or  visit  the  company’s  Web  site. Then,  speak  to  a  real 
human  and  verify  what  is  being  asked  of  you. 

You  don’t  need  to  be  a  technical  whiz  to  be  safe.  All  you  need  is  com¬ 
mon  sense,  a  healthy  dose  of  skepticism  and  a  willingness  to  invest  a 
few  minutes  to  protect  you, your  company  and  your  family 
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Schwartau  is  president  of  Interpact,  a  security  awareness  consulting 
firm,  and  author  of  several  books,  including  the  recent  Pearl  Harbor  Dot 
Com  .He  can  be  reached  at  winn@thesecurityawarenesscompany.com. 


Middleware  is  Everywhere 


MIDDLEWARE  IS  IBM  SOFTWARE.  Powerful  software 
likeTivoli®  and  WebSphere®  And  it’s  at  the  heart  of  solving 
what  analysts  call  the  key  issue  of  2004:  automation. 
IBM  middleware  is  open  and  can  deliver  it  all  at  a  pace 
to  match  your  needs.  It  anticipates  problems,  responds 
to  change  and  optimizes  resources.  And  it  all  leads  to 
meeting  business  goals.That’s  ON  DEMAND  BUSINESS. 


1.  Increased  ATM  activity  detected  instantly. 

2.  Identities  confirmed  securely. 

3.  Online  banking  increases  dramatically. 

4.  IT  resources  optimized  dynamically. 

5.  Bank  serves  customers  easily. 


Learn  more  about  middleware  and  IBM’s  leadership  role  in  automation  at  ibm.com/rniddleware/automate 
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Is  open  source  IP  telephony 
ready  for  prime  time? 


Two  industry  insiders  debate  whether  users  should  deploy  open  source  VoIP  today. 


Yes,  by  Zenas  Hutcheson 
St.  Paul  Venture  Capital 


No,  by  Zeus 
The  Yankee 


Kerravala 

Group 


Now  is  the  time  to  begin  implementing  open  source  IP  telephony  Here’s  why: 

•  Open  source  business  models  are  changing  market  dynamics.  Open 
source,  coupled  with  subscription-based  software  licensing,  is  now  a  widely 
accepted  business  model  with  significant  momentum.  Linux  and  Red  Hat  are 
the  best  examples  of  the  successful  pairing  of  open  source  technology 
(Linux)  with  a  subscription-based  software  license  (Red  Hat).  Red  Hat  says  eight  of  the 
top  10  global  investment  banks  are  customers.  Goldman  Sachs’ recent  IT  spending  survey 
reports  that  Red  Hat  ranks  first  among  software  companies  gaining  share  of  IT  dollars. 
Linux  is  having  its  greatest  effect  in  the  data  center,  where  mission-critical  functions  are 
run  on  higher-end  servers  and  the  majority  of  enterprise  IT  dollars  are  spent. 

•  Strong  end-user  benefits  are  driving  the  adoption  of  open  source  technology  and  sub¬ 
scription-based  business  models.  The  benefits  of  open  source  subscription-based  busi¬ 
ness  models  include  improved  product  quality,  enhanced  innovation,  reduced  cost,  pro¬ 
motion  of  standards  and  elimination  of  vendor  lock-in.  In  a  recent  IDC  survey  more  than 
40%  of  CIOs  said  Linux  is  an  important  part  of  their  IT  strategy  According  to  a  recent  Jupi¬ 
ter  Research  report,  price-sensitive  small  and  midsize  businesses  are  turning  to  Linux  and 
other  open  source  products  as  a  lower-cost  alternative  to  proprietary  vendor  offerings. 

•  Reliable,  cost-effective  open  source  IP  telephony  products  are  available  today  Open 
source  IP  toll-bypass  products  and  open  source  IP  softphones  are  on  the  market. An  open 
source  IP  PBX  product  scored  on  par  with  proprietary  products  in  a  recent  Miercom  eval¬ 
uation.  In  fact,  Miercom  recently  selected  that  same  open  source  IP  PBX  product  to 
benchmark  Session  Initiation  Protocol  (SIP)  interoperability  In  addition,  CT  Labs  recently 
tested  an  open  source  IP  PBX  for  feature  completeness  and  found  the  product  provided 
all  the  necessary  features  required  for  an  enterprise-grade  IP  telephony  solution. 

•  Open  sourcebased  IP  telephony  companies  can  change  the  market  before  tradition¬ 
al  vendors  respond. Traditional  telephony  system  vendors  cannot  meet  user  needs  with¬ 
out  radical  changes  to  their  products  and  business  models.The  cornerstone  of  the  tradi¬ 
tional  telephony  industry  —  proprietary  call  control  —  must  first  be  eliminated.The  best 
means  to  achieve  this  is  through  open  source. Forward-thinking  industry  observers  now 
expect  SIP-based  open  source  IP  telephony  products  will  replace  proprietary 
hardware  and  software  with  standard  Linux  servers,  open  call  control,  and  a 
mixture  of  open  source  and  proprietary  application  software. 

Combining  open  source  with  a  technology  such  as  SIP  offers  the  industry 
a  stable,  reliable  and  independent  platform  on  which  to  build  distributed 
applications. SIP  provides  a  framework  for  multi-vendor  interoperability  and  a 
compelling  business  proposition  to  value-added  resellers  and  system  integrators, 
and  for  the  first  time  gives  customers  choices.  Now  is  the  time  to  say  no  to  pro¬ 
prietary  call  control  and  vendor  lock-in, and  deploy  standards-based 
IP  telephony  products. 

Hutcheson  is  managing  general  partner  with  St.  Paul  Venture  Capital. 

He  can  be  reached  at  zhutcheson@spvc.com. 


In  theory,  an  open  source  IP  telephony  system  will  increase  the  demand  for  IP 
telephony, create  better  interoperability  between  IP  phone  systems  and  drive  down 
the  cost  of  IP  telephony  by  putting  price  pressure  on  the  traditional  phone  system 
vendors.  An  open  source  model  for  IP  telephony  might  yield  these  results  at  some 
time  in  the  distant  future,  but  it  will  have  no  such  effect  in  the  short  term,  for  a  num¬ 
ber  of  reasons. 

The  major  reason  is  that,  for  most  companies,  the  phone  system  is  the  most  important 
communication  tool  the  organization  has.  Some  software  developers  or  network  manag¬ 
ers  might  tinker  with  open  source  software,  but  no  CIO  will  rest  the  fate  of  the  company’s 
most  important  customer-facing  tool  on  an  unproven  technology  Open  source  IP  tele¬ 
phony  systems  lack  the  necessary  features  and  management  tools  to  make  the  technol¬ 
ogy  a  viable  alternative  to  current  phone  systems. 

Additionally,  today’s  phone  system  buyers  are  primarily  traditional  voice  managers  or 
data  networking  managers,  not  application  developers.Voice  and  data  managers  want  an 
IP  telephony  system  that  can  replace  their  TDM  systems,  not  IP  telephony  software  that 
can  be  deployed,  modified  and  tweaked.This  is  one  reason  the  dominant  voice  and  data 
vendors  such  as  Avaya,  Nortel  and  Cisco  carry  the  lion’s  share  of  the  IP  telephony  market. 
Any  open  source  solution  will  not  easily  integrate  into  a  traditional  vendor  environment, 
adding  to  the  difficulty  of  engineering  a  quality  IP  telephony  system. 

Supporters  of  open  source  IP  telephony  also  say  the  technology  will  generate  more 
interest  in  IP  telephony  This  is  more  myth  than  reality  There  is  already  a  tremendous 
amount  of  interest  in  IP  telephony  technology  A  recent  Yankee  Group  survey  indicates 
that  78%  of  all  U.S.-based  companies  have  an  interest  in  IP  telephony 
The  main  deterrent  to  deploying  IP  telephony  across  the  company  today  is  quality  of 
service  and  manageability  issues,  not  infrastructure  costs.  The  Yankee  Group  research 
shows  that  software  and  hardware  costs  total  less  than  20%  of  the  cost  of  running  a  net¬ 
work.  Better  tools  to  manage  the  IP  telephony  ecosystem  will  drive  down  costs  and  drive 
up  adoption  faster  than  a  new  model  for  pricing  the  IP  PBX  platform.  There  are  many 
third-party  companies  focused  on  providing  management  tools,  which  currently  are 
being  developed  for  the  traditional  vendors  —  meaning  that  an  IP  telephony  sys¬ 
tem  from  Cisco,  Nortel  or  Avaya  will  be  more  manageable  than  one  from  an 
open  source  vendor. 

Deploying  an  IP  telephony  system  is  a  question  of  value,  not  cost. So  even 
though  an  open  source  model  might  appear  to  be  a  nice,  idealistic  view  of 
where  the  market  could  go,  it  doesn’t  address  the  current  barriers  to  adoption: 
quality  and  manageability  While  open  source  might  prove  to  be  a  serious  threat 
in  the  distant  future  —  say,  10  years  from  now  —  it’s  currently  not  ready  for 
prime  time. 

Kerravala  is  vice  president  of  enterprise  infrastructure  research  and 
consulting  at  The  Yankee  Group.  He  can  be  reached  at  zkerravala 
@yankeegroup.  com. 


More  online! 


Log  on  to  Network  World  Fusion  to  voice  your  opinion. 
Face-off  authors  Zenas  Hutcheson  and  Zeus  Kerravala 
will  add  their  thoughts  to  the  discussion. 
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What  are  you  doing  to  protect  your  most  valuable  assets? 


For  over  20  years,  Secure  Computing  customers  have  relied  on  our  proven 
security  solutions  to  protect  their  organizations.  Working  closely  with  our 
customers,  we  have  developed  innovative  products  that  are  comprehensive, 
easy  to  manage,  and  highly  effective  in  securing  the  connections  between 
their  people,  applications,  and  networks. 

The  instincts  of  over  11,000  organizations  around  the  globe  can't  be  wrong. 

To  learn  more  about  Secure  Computing  Corporation,  join  us  for  an  educational  Webcast 
entitled  "The  Experts  Speak:  Evaluating  Application  Security  Architectures"  on  Tuesday, 
June  15.  Visit  www.securecomputing.com/webcast  for  more  information  or  call  us  at 
1  800  692  5625  (1+  408  979  6100  worldwide)  or  email  us  at  sales@securecomputing.com. 
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Sidewinder  G2  Security  Appliance 
Sidewinder  G2'“  Enterprise  Manager 

Strong  Authentication 
SafeWord*  RemoteAccess  “ 

Safe  Word1  PremierAccess  ' 
SafeWord  for  Check  Point 
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»  Leading  the  battle  against  network  threats  takes  remarkably  sophisticated  weaponry. 
Only  Juniper  Networks  can  make  your  network  impenetrable  without  sacrificing  speed  or 
reliability.  Superior  performance  shouldn’t  be  at  the  expense  of  security,  but  the  essence  of  it. 
That's  a  powerful  reason  to  Juniper  your  net.  And  now. 


junipernetworks.com 

888-JUNIPER  (888-586-4737) 


Juniper  Networks  is  proud  to  transform  security  in  networking  through  our  addition  of  NetScreen  Technologies: 
Deep  Inspection  Firewall  I  IF  Sec  and  SSL  VPN  I  Intrusion  Detection  and  Prevention  I  Antivirus  I  Central  Management 
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100M  bit/sec  links  allow  teleworkers  to  run  high-bandwidth  applications. 


■  BY  EVAN  ROSEN 


Reykjavik,  Iceland,  likes  to  set  records.  In  April  2003,  the  world’s  first  pub¬ 
lic  hydrogen  fuel  station  opened. The  world’s  largest  geothermal  system 
heats  houses  and  even  streets.  Now  Reykjavik  is  trying  to  become  the  first 


city  in  the  world  that  delivers  fiber  to 

Since  installing  a  fiber-optic  backbone  network  four 
years  ago,  Reykjavik  Energy,  a  city-owned  utility,  has  con¬ 
nected  500  electricity  substations  with  fiber  and  has 
begun  running  fiber  from  substations  to  homes.  After  a 
100-home  trial  that  began  last  year,  the  utility’s  goal  is  to 
connect  4,000  homes  this  year,  15,000  homes  in  2005, 
and  all  65,000  Reykjavik  homes  within  five  years. 

“We  have  a  very  short  connection  point  to  customers," 
saysThorleifur  Finnsson,  Reykjavik  energy’s  director  of 
business  development. “It’s  not  a  last  mile.  It’s  a  last  quar¬ 
ter  mile.” 

While  universal  residential  fiber  connectivity  sounds 
daunting,  Finnsson  says  his  company  has  an  extensive 


every  home. 

network  of  underground  water  pipes  and  electrical 
cables  running  to  homes.  As  the  utility  performs  sched¬ 
uled  maintenance  on  those  cables,  workers  will  lay 
underground  fiber. This  will  substantially  reduce  the 
need  to  dig  up  the  ground  strictly  for  fiber  installation. 

During  the  trial  last  year,  Reykjavik  Energy  provided 
100M  bit/sec  connections  by  installing  a  customer 
premises  switch  from  Swedish  company  PacketFront  in 
each  participating  home. The  wall-mounted  switch  con¬ 
nects  to  the  fiber  on  one  end  and  provides  eight  Ether¬ 
net  ports  on  the  other  end.  Four  of  the  ports  are  used 
for  an  IP  set-top  box,  two  for  Internet  access  and  two  for 
“general  purpose.” 


Fiber  to  the  wail 


ReyKjavik  Energy  is  bringing  100M 

bit/sec  broadband  connections  via 

fiber  to  every  home  in  Iceland’s 

capita!  city.  The  company  is  adding 

the  fiber  to  its  existing  underground  /  ~ 

links,  which  connect  to  wall-mounted 

customer  premises  switches  that 

each  feature  eight  Ethernet  ports.  j 
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While  the  trial  has  used  several  brands  of  set-top  box, 
Reykjavik  Energy  is  considering  standardizing  on  a  box 
from  Amino  Communications  that  uses  one  IBM  Vulcan 
chip.  A  Reykjavik  consulting  company  called  Industria  is 
providing  the  Self-service  Portal  user  interface. The  soft¬ 
ware  displays  services  available  on  the  network,  includ¬ 
ing  video  on  demand,  IP  telephony  networked  security 
systems  and  Internet  services. 

While  Reykjavik  Energy  is  reluctant  to  discuss  cost 
projections,  Industria  estimates  that  running  fiber  to 
every  home  will  cost  a  minimum  of  about  $1,250  per 
installation. This  figure  includes  about  $475  for  “active” 
costs,  including  switches,  routers  and  premises  equip¬ 
ment,  plus  another  $775  per  customer  for  “passive”  costs 
that  include  pipes,  cables  and  labor.  Reykjavik  Energy 
pays  for  the  installation  costs. 

Reykjavik  Energy  provides  the  infrastructure,  while 
partners  deliver  the  services.“Our  network  is  open  to  all 
service  providers. The  customer  activates  each  service 
and  pays  each  service  provider  directlyf  Finnsson  says. 
“That’s  the  beauty  of  it.”  Once  a  customer  activates  any 
service,  the  utility  charges  a  fixed  monthly  fee  regard¬ 
less  of  the  number  of  services  used. The  utility  also 
receives  revenue-sharing  from  service  providers. 

Extending  the  enterprise 

The  initiative  lets  businesses  extend  the  workplace 
into  employees’ homes.  Stefan  Gudjhonsen.CIO  of  Air 
Atlanta  in  Reykjavik,  participates  in  the  trial  and  uses 
his  connection  for  high-powered  telecommuting. 

“There  is  no  difference  between  that  connection  and 
sitting  in  my  office,  even  if  the  application  has  an  inten¬ 
sive  datastream,”  Gudjhonsen  says.  From  home, 
Gudjhonsen  runs  bandwidth-intensive  applications, 
including  aircraft  parts  management  and  maintenance 
scheduling.'That  program  runs  1M  bit/sec  for  a  single 
query.  With  my  100M  bit/sec  link.it  takes  30  seconds.  A 
DSL  connection  will  not  do  well  for  this."  Gudjhonsen 
also  uses  an  IP  home  telephone  that  ties  into  thv-  •  .q/ 
rate  network. 

With  fiber  to  the  home  (FTTH), employees  can  oaPL  - 
pate  in  meetings  from  home  via  DVD-quaiity  video?  >s. 


Reykjavik  by  the  numbers 


setup  includes  an  MPEG2  codec  and  a 
free  Microsoft  Windows  Media  9  en¬ 
coder.  Using  IP  multicast  technology, 
users  can  “broadcast”  citywide  or  to  spe¬ 
cific  viewers.  While  Gudjonsson  has  so 
far  only  used  his  “TV  station”  for  demon¬ 
strations,  he  sees  benefits  for  corpora- 
tions.“You  can  have  a  DVD-quality  video¬ 
stream  between  workers  on  a  team,  and 
the  quality  is  perfect  at  a  very  low  cost,” 
Gudjonsson  says.“You  can  buy  the  equip¬ 
ment  at  Radio  Shack.” 

Security  is  an  obvious  concern.  A 
Reykjavik  systems  integrator  specializing 
in  financial  services,  24T,  is  developing  a 
telebanking  service  for  the  FTTH  rollout. 
The  service  includes  two-way  audio  and 
oneway  video  from  the  bank’s  call  center 
so  that  video  tellers  can  help  customers 
complete  transactions. 

“When  you  take  a  multicast  stream 
into  the  bank’s  network,  we  have  a  prob¬ 
lem  with  the  firewall,”  Halldor  Axelson, 
CEO  of  24T,  says.“Cisco  has  finally  shep¬ 
herded  this  type  of  traffic  through  the 
firewall  by  something  called  multicast 
VLAN  registration  or  MVR."  MVR  lets  a 
subscriber  on  a  port  subscribe  or 
unsubscribe  to  a  multicast  stream. 

Reykjavik  Energy  is  confident  that 
FTTH  will  be  successful.  Says  Gudjon¬ 
sson, “In  10  years,  selling  an  apartment 
without  Ethernet  will  be  like  selling  an 
apartment  without  electricity 

Rosen  speaks  on  communication  topics 
and  is  chief  strategist  of  Impact  Video 
Communication.  He  can  be  reached  at 
erosen  @impactvid.  com. 
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ferencing,  in  live  and  stored  training  ses¬ 
sions.  Conversely,  employees  at  work 
could  view  and  interact  with  children  at 
home.“You  can  create  an  environment  in 
which  the  home  office  is  an  identical 
environment  to  the  real  office.  So  it’s  a 
benefit  to  everyone... less  real  estate  for 
employers,  more  flexibility  for  employ¬ 


ees,”  Gudjhonsen  says.“It  should  be  lucra¬ 
tive  for  companies  to  have  employees’ 
[homes]  connected  because  they  will 
get  more  out  of  them.” 

Home  TV  station 

The  ability  to  send  and  receive  DVD- 
quality  video  is  key  to  extending  the 


(^equant 


Creating  answers  together. 


workplace  into  Reykjavik  homes,  and 
there  already  have  been  efforts  to  de¬ 
monstrate  the  potential  of  video  applica¬ 
tions.  Gudjon  Mar  Gudjonsson  of  Indust- 
ria,the  company  that  designed  the  user 
interface,  is  a  participant  in  the  trial. “In 
three  hours,  I  was  able  to  install  a  TV  sta¬ 
tion  in  my  home  at  a  cost  of  $800.”The 


Your  business  communications  can't  be 
left  to  chance.  Fortunately,  there's  a 
provider  with  the  track  record  to  inspire 
your  confidence.  An  innovator  with  over  5  years 
experience  using  convergence-ready  MPLS 
technology  that  powers  business  solutions 
for  over  1100  companies.  A  provider  trusted 
by  the  world's  leading  companies. 

That  provider  is  Equant. 

Seamless.  And  that  trust  doesn't  stop  at 
any  border  -  because  Equant  is  everywhere. 
With  people  in  165  offices,  a  seamless  global 
network  that  covers  220  countries  and 
territories,  and  supported  locally  in  the  local 
language.  Our  customized  communication 
solutions  can  enable  your  key  business 
processes  wherever  you  want  to  do  business  - 
including  emerging  markets  like  India  and  China. 


Stable.  What's  more,  you  can  trust  us 
to  deliver  real  results  for  business  critical  needs. 
Solid  financials  and  steady  growth,  on  both 
client  list  and  balance  sheet.  But  don't  take 
our  word  for  it;  analysts  have  praised  Equant's 
solutions  for  global  businesses  for  years. 

Demonstrating  business  value.  And  that's 
how  we'll  earn  your  trust  -  by  understanding 
your  business  before  talking  technology. 

Our  approach  is  consultative,  not  hard-sell; 
our  people  build  relationships  by  demonstrating 
business  value  with  the  more  than  80  proven 
Equant  products  and  solutions.  We'd  like 
to  start  proving  ourselves  to  you  today. 

Go  to  the  link  below  and  see  why  Equant 
is  worthy  of  your  trust. 

uiuiui.equant.com/usa 


The  reason  the  world's  leading  companies 
rely  on  Equant  for  their  global  communications 
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Settled: 

874 

First 

settlers: 

Norwegians  and  Celts 

Reykjavik 

means: 

Smoky  bay  (referring  to 
columns  of  steam  from 
nearby  hot  springs) 

Icelandic 

Parliament 

formed: 

930 

Climate: 

Average  annual 
temperature:  42  degrees 

Population: 

112,000,  or  40%,  of  the 
entire  country 

Percent  of  j  4%  of  total  population 

foreign 

citizens: 

Major 

employment 

sectors: 

Manufacturing:  20%: 
Wholesale/retail:  15%; 
health  services  and 
social  work:  15%:  real 
estate/business 
activities:  11.5% 

Unemploy¬ 
ment  rate: 

1.3% 

Profiles  in  Business  Mobility  #6  Productivity 


Working-from-Home  Walter  now  gets  more 
done  in  slippers  than  in  wingtips. 


NAME:  Working-from-Home  Walter 


QUOTE:  “Who  says  I  have  to  be  at  work  to  be 
hard  at  work?” 


CHALLENGE:  His  company  needs  him.  His  family  needs  him. 


NOKIA’S  ANSWER  FOR  I.T.:  Nokia  Secure  Access  System 


MEETS  HIS  NEEDS  by  letting  him  work 
on  his  home  PC  when  he  needs  to  and 
still  have  access  to  business-critical 
applications  like  email,  sales  data,  and 
enterprise  resource  planning  software. 

MEETS  HIS  COMPANY’S  NEEDS  by  creating  a 
more  flexible  yet  cost-effective  and  secure  work 
environment  for  valuable  employees. 

Learn  how  to  mobilize  your  team  and  increase  business 
productivity.  Download  “The  Anytime,  Anyplace  World” 
white  paper  at  »nokiaforbusiness.com 
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Connecting  People 
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McAfee's  low-end  AV  management  tool  shines 


a  BY  MANDY  ANDRESS,  NETWORK 
WORLD  LAB  ALLIANCE 

Beagle.  NetSky  Sasser.  Three  viruses,  all 
wreaking  havoc  in  one  month’s  time.  Anti¬ 
virus  software  is  no  longer  just  an  option 
—  it’s  a  requirement. 

Everyone  with  a  computer  connected 
to  a  network,  especially  those  running  a 
Windows  operating  system,  must  run  an 
anti-virus  program  to  protect  against 
these  attacks.  But  anti-virus  companies 
traditionally  have  been  a  bit  lax  in  pro¬ 
viding  adequate  management  wares  to 
help  IT  control  these  products  on  a 
wide  scale. 

We  took  a  quick  look  at  McAfee 
Security’s  ProtectionPilot  1.0  manage¬ 
ment  console.  While  this  software  can 
manage  only  up  to  500  machines  in  its 
current  state,  it  was  a  simple,  intuitive 
approach  to  anti-virus  management  that 
has  features  we  hope  to  see  bubble  up  to 
more  wide-scale  AV  management  wares. 

ProtectionPilot  is  used  for  all  anti-virus 
management  across  all  Windows 
machines,  including  deployment,  report¬ 
ing  and  profile  configuration.  One  key 
default  configuration  set  with  this  prod¬ 
uct  is  the  concept  of  update  checks.  By 
default,  the  central  server  checks  for  new 
signature  updates  from  McAfee,  and  the 
clients  check  the  central  server  for  new 


ProtectionPilot  1.0 

Available  as  part  of  McAfee  SMB  Editions 


McAfee  Security,  a  business  unit  of 
Network  Associates 
www.mcafee.com 

Cost:  Ranges  from  $31.63  per  node  for 
25  nodes  to  $26.55  for  250  nodes. 

Pros:  Very  intuitive  and  easy  to  use; 
excellent  user  interface;  ability  to 
remotely  control  anti-virus  clients. 

Cons:  Can’t  configure  removal  of  un¬ 
install  option;  cannot  clean/view 
quarantine  on  remote  system;  no 
links  yet  provided  to  enterprise 
anti-virus  management  system. 


signature  updates  every  hour. 

The  dashboard,  viewable  immediately 
after  launching  the  console  and  authenti¬ 
cating  yourself,  provides  all  the  informa¬ 
tion  an  anti-virus  manager  needs  to  see 
with  one  glance:  time  of  last  signature 
update,  the  anti-virus  update  status  of  all 
registered  computers  and  the  number  of 
viruses  found  with  the  actions  taken  (for 
example  deleted,  quarantined  or 
cleaned).  One  nice  feature  is  that  this 
screen  (and  any  other)  has  a  printer- 
friendly  view,  perfect  for  management- 
compliance  reports. 


Deploying  anti-virus  software  to  any 
computer  on  a  network  is  as  simple  as  fol¬ 
lowing  the  steps  of  a  deployment  wizard. 
Machines  also  can  be  categorized 
according  to  existing  Active  Directory 
groups  or  custom  groups  defined  by  an 
administrator.  If  a  remote  client  needs  an 
immediate  signature  update,  the  process 
is  as  simple  as  selecting  the  Update  but¬ 
ton.  You  can  update  all  registered  com¬ 
puters  with  one  click  of  the  mouse. 

Once  computer  groups  are  created, 
each  group  can  run  a  different  client  pol¬ 
icy  Configurable  options  include  the  abil¬ 
ity  to  disable  the  start-up  splash  screen, 
the  icon  displaying  in  the  system  tray  on- 
access  file  scan,  quarantine  location  and 
alert  manager.  The  only  option  we  could 
not  find  to  configure  was  the  ability  to 
remove  the  program  from  the  Add/ 
Remove  Programs  list  or  require  a  pass¬ 
word  for  un-install  to  prevent  users  from 
removing  the  software  from  their  systems. 

One  issue  in  this  release  is  the  inability 
to  remotely  manage  files  placed  in  quar¬ 
antine  so  you  can  remove  virus  files  from 
a  system  without  having  to  physically 
touch  that  system  or  connect  through  dif¬ 
ferent  steps,  such  as  connecting  over  a 
Windows  file  share. 

According  to  McAfee,  it  is  looking  at  this 
functionality  for  a  future  release.  In  the 
meantime,  the  company  recommends 


setting  a  central  quarantine  location  on 
the  network  and  administering  the  files 
from  this  shared  location. 

ProtectionPilot  also  includes  the  ability 
to  define  alert  options  using  the  Alert 
Manager  component  of  the  product.  With 
Alert  Manager,  administrators  can  receive 
pages,  e-mails,  pop-ups  or  SNMP  traps 
when  a  virus  file  is  detected. 

McAfee  does  not  supply  any  hooks 
from  ProtectionPilot  1.0  to  its  enterprise 
anti-virus  product,  ePO  3.0.  However,  the 
company  says  there  will  be  an  upgrade 
path  based  on  the  same  agent  software 
when  it  rolls  out  ePO  3.5  later  this  year. 

Andress  is  president  of  ArcSec  Technol¬ 
ogies,  a  security  company  focusing  on 
product  reviews  and  analysis.  She  can  be 
reached  at  mandy@arcsec.com. 


Stop  Looking... 


Still  Looking 
For  Better 
Performance  * 


Belden9  Gives  You  the  Performance  You  Expect  —  Even  After  It’s  Installed  in  the  Wall. 


Did  you  know  that  even  the  most  routine  network  installation  stresses  the  cable?  And  cables  that 
have  been  stressed  can  fail  their  intended  Category  requirements?  It’s  a  fact... now  documented 
by  our  Cable  Installation  Stress  Tests  that  detail  the  after  installation  performance  of  Belden 
Bonded-Pair  Cat  5e  &  6  cables  vs.  competitive  (unbonded  pair)  cables. 

The  test  results?  Bonded-Pairs  show  minimal  after  installation  performance  losses... whereas 
unbonded  pairs,  in  many  cases,  demonstrate  some  dramatic  changes  in  performance.  For 
example,  return  loss  performance  is  as  much  as  15  times  worse,  and  crosstalk  is  almost 
four  times  worse. 

How  do  Belden  Bonded-Pair  cables  achieve  superior  Installable  Performance  ?  The  patented 
design  is  the  key:  Belden  bonds  the  conductors  of  the  pairs  in  a  way  that  totally  eliminates 
conductor  gaps  that  can  rob  a  cable  of  its  performance.  Unbonded  pairs  do  not  have  an 
inherent  design  advantage  to  prevent  these  gaps  from  Occurring. 


Get  the  performance  you  specified... look  for  Belden 
Bonded-Pair  cables  with  Installable  Performance... 
and  be  sure  to  call  1-800-BELDEN-4  to  order  your 
FREE  Installable  Performance  CD. 

www.belden.com/installcd 


Sit  the  Difference! 


Belden*  Bonded-Pair 


A  Bonded-Pain  \ 
/  can  be  manipulated 
without  causing 
performance  robbing  gaps 
between  the  conductors. 
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f  The  signal 
/  problem  caused 
by  gaps  between 
conductors  along  unbonde 
pair  cable  increased 
during  installation 
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Be  cool,  Mr.  “I  Have  Security  Issues.” 
Nokia  has  you  covered. 


NAME:  Mr.  “I  Have  Security  Issues”  QUOTE:  “Is  it  safe?” 

CHALLENGE:  He  knows  that  always-on  connectivity 
demands  always-on  security.  Even  as  threats  change, 
requests  for  data  increase  and  budgets  get  tighter. 


NOKIA’S  ANSWER  FOR  I.T.:  Nokia  Firewall  Appliance 


MEETS  HIS  NEEDS  by  enabling  the  rapid 
deployment  of  security  applications 
from  Check  Point"  Software  Technologies 
on  purpose-built  Nokia  appliances. 
Also,  with  a  track  record  of  over 
100,000  Nokia  installations,  it  keeps  his 
blood  pressure  down. 

MEETS  HIS  COMPANY’S  NEEDS  by  improving  productivity 
through  better  security  and  data  availability,  and  by 
offering  leading  price/performance.  Whew! 


Learn  how  to  mobilize  your  team  and  increase  business 
productivity.  Download  “The  Anytime,  Anyplace  World” 
white  paper  at  »nokiaforbusiness.com 
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SERIOUS  EVENT  LOG  MANAGEMENT. 

WITHOUT  THE  BULL.'" 


Installing  some  of  today's  mega  management  software  packages  is  often 
like  unleashing  a  bull  in  a  china  shop,  or  at  least  in  your  network. 

This  is  why  Dorian  Software  Creations'  modular  approach  lets  you  decide 
and  deploy  the  event  log  management  strategy  that  works  best  for  you  and 
best  meets  your  needs. 

Look  to  Event  Archiver™  for  automated  log  collection,  Event  Analyst™  for 
log  filtering  and  reporting,  and  Event  Alarm™  to  monitor  your  log  files. 
Finally,  they  combine  to  provide  the  only  patent  pending  total  solution  for 
event  log  management,  without  the  bull. 


*  a  free  white  paper  and  other  tools  to 
you  build  an  affordable 
event  log  strategy,  visit  * 

www.doriansoftware.com/roi. 


DORIAN 

www.doriansoftware.com 


www.doriansoftware.com/security 

FOR  MORE  INFORMATION  AND  YOUR  FREE  30  DAY  EVALUATION 
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Worth  the  wait 

Security  clearances  take  more  than  a  year  to  obtain,  but  federal  IT  work  pays  well. 


■  BY  CAROLYN  DUFFY  MARSAN 

If  you’re  looking  for  job  security  consider  working  on  a  top-secret  IT  project  under  devel¬ 
opment  by  the  federal  government.  Government  contractors  have  thousands  of  unfilled 
IT  jobs,  including  network  design,  engineering  and  management  positions. These  posi¬ 
tions  let  you  support  the  wartime  effort,  use  the  latest  technology  and  earn  high  pay. 


Even  better,  government  work  offers  protection  against 
offshoring.  Only  qualified  U.S.  citizens  can  pursue  these 
posts,  which  must  remain  here  in  the  U.S. 

The  only  hitch  is  that  you’ll  need  a  security  clearance, 
and  getting  a  security  clearance  takes  a  year  or  longer. 

Nonetheless,  more  unemployed  IT  workers  are  making 
the  switch  to  government  contracting  as  a  wise  career 
move  in  these  uncertain  times. 

Consider  Anthony  Campbell,  a  network  engineer  who 


holds  Cisco  and  security  certifications.  After  working  in 
the  private  sector  for  several  years,  Campbell  joined  a  gov¬ 
ernment  contractor  in  2001  and  renewed  a  security  clear¬ 
ance  he  received  in  1991  during  a  stint  with  the  U.S.  Army. 

Campbell  finds  the  government  work  more  challenging 
than  the  work  he  did  in  the  commercial  sector.“Most  civil¬ 
ian  companies  are  nowhere  near  as  security-conscious. 
It’s  just  not  something  they  put  a  priority  on,”  he  says.  “I 


happen  to  think  more  about  security  when  it  comes  to, 
say,  how  a  network  is  structured.” 

Secure  IT,  a  Rockville,  Md.,  government  contractor  that 
specializes  in  staffing  classified  projects,  hired  Campbell  to 
work  on  a  multimillion-dollar  LAN  and  WAN  upgrade  at 
the  FBI.  He  earned  an  immediate  boost  in  pay  even  though 
it  took  eight  months  to  renew  his  top-secret  clearance. 

With  the  FBI  project  nearing  completion,  Campbell  is  in 
demand. “I  get  calls  from  recruiters  every  couple  of  days,” 
says  Campbell,  who  is  based  in  Dacula,Ga.“There’s  always 
work  available.  Getting  a  security  clearance  is  a  good 
career  move." 

For  example,  contractor  Wamnet  Government  Services 
plans  to  hire  150  people  this  year,  including  network 
designers,  architects  and  technicians.  Most  of  the  com¬ 
pany’s  665  employees  have  security  clearances. 

“Virtually  all  of  the  hires 
we  are  making  require  secu¬ 
rity  clearances,”  says  Mike 
Barbee,  president  of  Wam¬ 
net  Government  Services  in 
Herndon,  Va.  “From  our  per¬ 
spective,  it’s  easier  if  we  hire 
people  with  active  clear¬ 
ances.  But  we  hire  lots  and 
lots  of  people  from  the  com¬ 
mercial  world  and  sponsor 
them  for  a  clearance.” 

Security  clearances  must 
be  renewed  periodically: 
every  five  years  for  top- 
secret,  every  10  years  for 
secret  and  every  15  years 
for  confidential. 

An  arm  of  the  Department 
of  Defense  is  responsible  for 
conducting  background  in¬ 
vestigations  for  the  25  federal  agencies  that  let  industry  per¬ 
sonnel  access  classified  information.  According  to  the 
General  Accounting  Office  (GAO),  the  Defense  De¬ 
partment  has  issued  2  million  security  clearances,  with 
682,000  —  or  34%  —  going  to  industry  personnel  and  the 
rest  to  government  personnel. 

The  war  on  terrorism  is  feeding  the  demand  for  techies 
with  security  clearances.  The  federal  government  is  up¬ 
grading  many  networks,  and  more  federal  jobs  require 
clearances  now  than  before  the  Sept.  1 1  attacks.  A  higher 


percentage  of  the  clearances  required  are  for  top-secret 
clearances,  which  take  the  most  amount  of  time  to  issue. 
The  increased  workload  for  government  investigators  also 
has  slowed  the  clearance  process,  making  such  a  creden¬ 
tial  an  even  more  valuable  asset. 

The  Defense  Department’s  security  clearance  backlog 
for  industry  personnel  was  roughly  188,000  cases  as  of 
March  31,  according  to  a  May  report  by  the  GAO.  GAO 
found  that  the  average  time  it  takes  the  Defense  De¬ 
partment  to  award  a  security  clearance  for  industry  per¬ 
sonnel  is  more  than  a  year,  up  56  days  since  2001 . 

At  a  Congressional  hearing  last  month,  Doug  Wagoner, 
vice  president  of  Data  Systems  Analysis  and  chairman  of 
the  Information  Technology  Association  of  America’s  In¬ 
telligence/Security  Clearance  Task  Group,  said  the  delays 
in  obtaining  security  clearances  rank  near  the  top  of  the 
chief  concerns  ITAA  members  have  about  doing  business 
with  the  federal  government. 

In  a  recent  survey  of  its  members,  ITAA  found  that  22%  of 
respondents  said  they  have  500  or  more  positions  open 
that  require  a  security  clearance.  Nearly  70%  of  the  respon¬ 
dents  indicated  that  the  clearance  process  hindered  their 
ability  to  expand  their  companies. 

Government  contractors  are  awarding  $15,000  and 
$20,000  signing  bonuses  for  new  employees  with  a  valid 
security  clearance  and  a  $10,000  bonus  to  current  employ¬ 
ees  who  recruit  a  new  employee  with  a  clearance,  accord¬ 
ing  to  the  GAO  report. 

“If  you’re  a  systems  engineer  with  a  top-secret  clearance, 
you’ll  see  a  15%  to  20%  differential  in  your  salary  says  Bob 
Merkl,  president  of  Secure  IT. “We  have  thousands  of  open 
requisitions,  and  only  one  or  two  people  surface  that  have 
the  [necessary]  skills.” 

If  you’re  interested  in  getting  a  security  clearance,  you 
need  to  be  sponsored  by  a  government  contractor  that  is 
cleared  at  the  facility  levels  and  has  classified  and  unclas¬ 
sified  projects.Then  you  can  work  on  an  unclassified  pro¬ 
ject  during  the  year  it  takes  for  you  to  get  your  security 
clearance. 

“During  the  security  clearance  background  check,  atten¬ 
tion  to  detail  is  essential,”  Barbee  says. “Many  people  will 
inadvertently  leave  something  off  their  application, and  the 
government  will  find  it.  .  .  .  People  who  don’t  make  it 
through  the  process  aren't  truthful.” 

Once  you’re  issued  a  security  clearance, you  face  abun¬ 
dant  job  opportunities, government  contractors  agree. 

“Network  architects  and  designers  who  come  from  the 
commercial  world  are  lapping  it  up,”  Barbee  says  R 
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Bureaucratic  backlog 

Increased  concern  over  terrorism  is  fueling  demand  for  IT 
professionals  with  security  clearances,  but  the  backlog  is  growing 
because  it’s  taking  investigators  longer  to  process  these  clearances. 


Number  of  industry  cases  completed 

Average  number  of  days  to  process 


Rising  mmioers 

The  Department  of  Defense’s  estimated  number 
of  backlogged  cases  for  security  clearances  for 
industry  personnel  have  jumped  more  than  twofold. 
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Reboot  your  Network  Equipment  via  Teinet,  Dial-Up  and  Local  Console 


Network  equipment  sometimes  "locks-up”  requiring  a 
service  call  just  to  flip  the  power  switch  to  perform  a 
simple  reboot.  The  NPS  Network  Power  Switch  gives 
network  administrators  the  ability  to  perform  this 
function  from  anywhere  on  the  LAN/WAN,  or  if  the 
network  is  down,  to  simply  dial-in  from  a  standard 
external  modem  for  out-of-band  power  control. 

m  Eight  (8)  Individual  Outlets 
IK  Dual  15-Amp  Circuits 
m  Integrated  10-BaseT  Interface 
B  RS-232  Modem  and  Console  Ports 
B  Outlet-Specific  Password  Security 
B  Network  Security  Features 
B  Power-up  Sequencing 
B  Co-Location  Features 
B  Modem  Auto-Setup  Command  Strings 
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Individually 
Programmable 
Outlet  Plugs  (8) 


lOBase-T  Ethernet 
Interface 


19”  Rack  Brackets 
Allow  Front,  Back,  or 
Center  Mounting 


Dual  15  Amp 
Power  Circuits 
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By  Mark  Gibbs 
Network  World 
2/18/02 


Out-of-Banc. 
Management 


RS232 
onsole  Port 


www.wti.com 


(800)  854-7226 


western  telematic  incorporated  Celebrating  our  40th 

5  Sterling  •  Irvine  •  California  92618-2517  Year  in  DataCom 


“Keeping  the  Net.. .Working!  ” 


SERVERS  WITHIN  YOUR  REACH 
FROM  ANYWHERE 


Rose  Electronics 
■  i0707  standiff  Road 
Houston,  Tews  77099 

flOSE  US  +281  933  7673 

ROSE  EUROPE  +44  <0)1264  850574 

ROSE  ASIA  +65  6324  2322 

&  ROSE  AUSTRALIA  +617  3388  1 540 


Connects  1,000  computers  to  multiple  user  stations 
over  IP  or  locally 

•  High  quality  video  up  to  1280  x  1024 

•  Scaling,  scrolling,  and  auto-size  features 

•  Secure  encrypted  operation  with  login  and  computer 
access  control 

•  Advanced  visual  interface  (AVI) 

•  No  need  to  power  down  servers  to  install 

•  Free  lifetime  upgrade  of  firmware 

•  Available  in  several  models 

•  Easy  to  expand 

800  333  9343 

WWW.ROSE.COM 


Connects  up  to  1000  computers  to  a  KVM  station 
Models  for  4,  8,16  computers 

•  Advanced  visual  interface  (AVI) 

•  Compatible  with  Windows,  Linux,  Solaris,  and  other  O/S 

•  Connects  to  PS/2,  Sun,  USB,  or  serial  devices 

•  Converts  RS232  serial  to  VGA  and  PS/2  keyboard 

•  Free  lifetime  upgrade  of  firmware 

•  Security  features  prevent  unauthorized  access 

•  Full  emulation  of  keyboard  and  mouse  functions  for  automatic, 
simultaneous  booting 

•  Easy  to  expand 


xT^electronics 


UltraMatrix  Remote 

REMOTE  MULTIPLE  USER 
KVM  MATRIX  SWITCH 
ACCESS  OVER  IP  OR  LOCALLY 


UltraConsole 

PROFESSIONAL  SINGLE-USER 
KVM  SWITCH  SUPPORTS  UP 
TO  1000  COMPUTERS 


A  KVM  switch  allows  single  or  multiple 
workstations  to  have  local  or  remote  access  to 
multiple  computers  located  in  server  rooms  or 
on  the  desktop  regardless  of  their  platforms 
and  operating  systems.  KVM  switches  have 
traditionally  provided  cost  savings  in  reducing 
energy  and  equipment  costs  while  freeing  up 
valuable  real  estate. 


Recognized  as  the  pioneer  of  KVM  switch 
technology,  Rose  Electronics  offers  the 
industry’s  most  comprehensive  range  of 
server  management  products  such  as  KVM 
switches,  extenders  and  remote  access 
solutions.  Rose  Electronics  products  are 
known  for  their  quality,  scalability,  ease  of  use 
and  innovative  technology. 


Rose  Electronics  is  privately  held  with  world- 
headquarters  in  Houston,  Texas  and  sells  its 
products  worldwide  through  a  large  network  of 
Resellers  and  Distributors.  Rose  has 
operations  in  the  United  Kingdom,  Spain, 
Germany,  Benelux,  Singapore  and  Australia. 
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RackView™ 

KVM  RACK  DRAWER  WITH  KVM  SWITCH  OPTION 
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Global 
Technology 
Associates,  Inc. 


1-800-775-4GTA  •  www.gta.com  •  lnto@gta.com 


Who's  Protectin 
Vow  Network 


GTA  Firewall  Products 

Tough  Network  Security 


✓ 

✓ 

✓ 

✓ 

✓ 

✓ 


Building  Firewalls  for  over  1 0  years 
ICSA  4.0  Corporate  Certification 
5  appliances  to  match  your  network  needs 
Easy,  Flexible  Implementation  Options 
IPSecVPN 
Affordable  pricing 


Custom  Management  Levels 

OBSERVER 

•  Decode  over  500  protocols 

•  Long-term  network  trending  &  analysis 

•  Real-time  statistics 

EXPERT  OBSERVER 

•  What-lf  Modeling  Analysis 

•  Expert  Analysis 

•  Connection  Dynamics 

OBSERVER  SUITE 

•  Complete  SNMP  device  management 

•  Supports  full  RM0N1.  RM0N2.  HCRMON 

•  Web  Publishing  Reports 


Remote  &  Hardware  Options 

REMOTE  NETWORKING  PROBES 

•  Fully  distributed 

•  Monitor  up  to  64  NICs  simultaneously 

•  New  levels  of  problem  solving  collaboration 

GIGABIT  &  WAN  HARDWARE  OPTIONS 

•  Portable  analyzer  systems 

•  Rack-mount  Probes  ready  to  go 

•  Direct,  passive  link  for  independent  views 


US  &  Canada  Toll  free:  (800)  526-5958  •  Fax:(952)932-9545  •  UK  &  Europe: +44  (0)  1959  569880 

•  One  Network  Complete  Control  Wired  to  Wireless  •  LAN  to  WAN 


NETWORK 


OBSERVER 


WA  A/ 

OBSERVER 


OBSERVER 
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toorui  ivo  mo  now  uuooi  voi  &  tuuuy  emu  ooo  iiuvv  ii  nni.iiuuicuwij 

finds  problems  you  didn’t  know  you  had,  optimizes  network  traffic 
and  provides  insight  for  future  planning.  Call  800-526-5958  for 
a  full  featured  evaluation  or  visit  our  website  at 

www.networkinstruments.com/rtine 
- - - - — - — ^  , 

I  Introducing  Observer  9  \ 


•  New  Application  Analysis 

•  Remote  probes  now  provide  multi-interfacp-ario  ; 

multi-session  support  ;  7-  ... 

•  Industry-first  4GB  packet  capture  buffer  ■ v  r  ;*• 

■  • 

•  Wireless  Site  Survey  Modes  -  :/7 

•  Nanosecond  resolution 

•  Now  over  450  Expert  Events  ; 

•  SNMP.  RMON  and  now  HCRMON  support 


www.networkinstruments.com/nine 

©  2004  Network  Instruments,  LLC.  All  rights  reserved.  Observer,  Network  Instruments  and  the 
Network  Instruments  logo  are  registered  trademarks  o!  Network  Instruments,  LLC. 
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Introducing  the  new 
Hot  Brick  family  of 
firewalls  &  managed 
secure  switches... 


Call  for  more  info  (866)  468-2742 
or  visit  us  online  at  www.hotbHck.eom 


Get  your 
Free  Personal 
firewall  software 

www.hotbrick.com/download 


Don't  get  hacked,  get  HotBrick 


Ciu^m  UTSmm  3C0fn 

iidii  AWfliK  f/zp-^s 

Rmiiii  WiJn 

^  BayNetworks  N — > 

COMPUTONt 


nmittm 

PARADYNE  BAlTilcT^^i 


CEE 


Telenetici 


SS/n  Optics 


7  veriunk 


RACAL 


Communicating  through  technology 


Luggage,  Fine  Leather  Goods, 
Gifts,  and  more! 

Tumi,  Hartmann,  Andiamo, 
Samsonite,  Cross 
10%  discount  for  Network 
World  readers 
Enter  code  NWW2004 


Attention  Resellers! 


SECUREMATICS 

The  Right  decision  for  Security  Products 

Best  Source  for  SONICWALL 
Security  Products! 


LIMITED  TIME  OFFER! 

•  Earn  1  FREE  SonlcU  e*Tralnlng 

Class  for  every  $15K  In  SonicWALL 

purchases  from  Securematics." 

•  New  SonicWALL  Resellers  will  receive  1  FREE 

SonlcU  Electronic  Training  Course  with  purchase 

of  any  Demo  Unit  .. 

Securematics  is  a  SonicWALL  Authorized  Distributor  &  Training  Partner 
To  sign  up  for  the  Medallion  Partner  Program,  please  contact  us. 

Call  -  888-746-6700  sales@securematics.com  www.securematics.com 


Systems/Features/Memory 

CISCO 


mm 

CBiC's/Cables/Parts 

Also  Available:  Extreme,  Adtran 

in  Stock  •  Fast  Delivery  •  No  Expedite  Charges 

COMSTAR,  INC. 

The  til  Network  Remarketer 


Fax  952*835*1927 


www.comstarinc.com 


Climate  Monitor 

$389 


Ethernet/Web 

Temperature 
Air  Flow 
Humidity 
Door  position 
Sound 
Light  Level 
Power 

Video  optional 
16  external  sensors 


See  it  working  at: 
http://63.237.104.17 


Rack  Mounted 

Monitor  Multiple  Cabinets 

HTML  (no  client  needed) 
SMTP  (e-mail  alerts) 
SNMP  (MIB,  Traps) 
Graphing 
Console 


Orr  Watchdogs 

www.ITWatchdogs.com 

512-257-1462 
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Server  Technology 


How  Do  You 
Securely  Reboot 

via  IP? 


Sentry  Gives  You  Secure  Web/I P  Based  Remote  Site  Management 


"NEW!"  Secure  Shell  (SSHv2)  Encryption 
"NEW!"  SSLv3  Secure  Web  Browser 
"NEW!"  Active  Directory  with  LDAP 
SNMP  MIB  &  Traps 
Integrated  Secure  Modem 
True  RMS  Power  Monitoring 
Outlet  Receptacle  Grouping  for  Dual-Power  Servers 
Fail-Safe  Transfer  Switch  for  Single-Power  Supply  Servers 
Power-up  Sequencing  Prevents  Power  In-rush  Overload 
Temperature  &  Humidity  Environmental  Monitoring 
Zero  U  &  Rack-mount  Models 
1 1 0/208  VAC  Models  with  30-Amp  Power  Distribution 
NEBS  Approved  -48  VDC  Models  Available 


— 

Solutions  for  the  Data  Center  Equipment  Cabinet 


When  servers  and  network  devices 


in  the  data  center  lock-up,  network 
managers  need  fast,  secure  and 
reliable  tools  to  respond.  With 
Sentry™  Remote  Site  Managers, 
an  administrator  can  immediately 
reboot  a  remote  system  with  just 
a  few  mouse  clicks.  Sentry  also 
provides  accurate  input  current 
power  monitoring,  environmental 
monitoring  and  integrated  secure 
console  management  using  SSH. 


Server  Technology,  Inc. 


Server  Technology,  Inc. 
1040  Sandhill  Drive 
Reno,  NV  89521 
USA 


toll  free  +1.800.835.1515 
tel +1.775.284.2000 
fax  +1.775.284.2065 

www.servertech.com 

sales@servertech.com 


©Server  Technology,  Inc.  Sentry  is  a  trademark  of  Server  Technology,  Inc. 


SENSAPHONE® 

IMS 


Sends 

SNMP 

Messages 


Monitors 

64 

IP  addresses 


Embedded 

Web 

Server 


Sends 

E-Mail 


Power 

Outage 

Alarming 


Internal 

UPS 


Power  Ethernet 
Control  Port 
Interface 


Internal  Voice, 
Modem 
&  Pager  Port 


8  RJ-45  Sensor  Inputs 

(Temperature,  Humidity, 
Water,  Motion,  Power, 
Smoke/fire) 


Microphone 

for  Sound 
Monitoring 


BE  NOTIFIED  BEFORE  CRITICAL  EVENTS  TURN  INTO  DISASTER! 


•  Eight  environment  inputs 

•  Power  sensing 

•  Monitors  64  IP  addresses 

•  Send  alerts  to  64  people 

•  8  methods  of  contact 

•  Calendar  scheduling 

•  Expands  to  256  sensors 

•  Remote  power  control 

•  Optional  camera 


The  Sensaphone  IMS-4000  Infrastructure 
Monitoring  System  monitors  critical  environ¬ 
mental  and  network  elements  in  your  server 
room,  data  center,  or  telecomm  installation  and 
reports  to  you  instantly  when  events  threaten 
your  infrastructure.  The  IMS-4000  keeps  watch 
so  you  don't  have  to.  See  these  features  and 
more  on  the  web  at  www.ims-4000.com 


Phonetics,  Inc. 

Tel:  877-37  3-2700 

901  Tryens  Road 

www.ims-4000.com 

Aston,  PA  19014 

Stop  juggling  with 
multiple  management  tools 
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*#  Keep  IT  simple 


ManageEngine 

OpManager 

Network,  Systems  and  Application  Management 


Take  control  of  your  network,  systems  and  application 
infrastructure  before  it  controls  you.  OpManager  provides 
integrated  management  for  IT  infrastructure. 

Move  to  integrated  management.  Try  OpManager  tode  v 

Available  for  Linux,  Solaris  and  Windows 
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Advertising  Supplement 

IT  Careers:  CIOs  Share  Career  Tips  for  Women 


No  three  careers  in  the  information  technology 
profession  are  the  same.  However,  when  discussing 
how  to  build  an  IT  career,  three  IT  leaders  share  a  common 
belief:  Women  must  be  willing  to  take  the  risky  projects. 

Barbara  Cooper,  CIO  for  Toyota  America;  Ann  M.  Harten, 
SVP  and  CIO  for  SIRVA;  and  Jane  Fishkin,  CIO  for  the 
Brookings  Institution,  are  members  of  the  newly  formed 
CIO  Executive  Council  -  a  group  that  is  studying  the  future 
of  technology  and  how  to  move  forward  in  an  increasingly 
complex  technological  world.  All  three  have  found  some 
common  themes  in  building  careers:  willingness  to  take  on 
projects  that  seem  "out  there"  at  the  time,  being 
surrounded  by  bright  people,  and  understanding  that 
choices  will  have  to  be  made. 


"You  have  to  know  that  you  will  take  the  opportunity  when 
it  presents  itself,"  Cooper  says.  "It  may  mean  moving, 
taking  an  overseas  assignment  or  taking  on  an  area  you 
may  not  know  a  lot  about.  That  has  always  been  more  of  a 
challenge  for  women  who  have  families  or  who  have  a 
working  spouse." 

Fishkin,  who  chose  public  sector  over  commercial  when  she 
left  IBM  for  Brookings,  says  it's  also  important  to  know  and 
accept  your  own  approach  to  careers.  "There  are  those  who 
plan  their  careers  and  know  what  steps  they  want  to  take 
next.  There  are  others  who  don't  plan  -  they  do  what  they 
like  and  go  where  they're  needed."  Fishkin  is  the  latter  but 
says  the  end  result  looks  as  though  she  planned  it.  An 
economist  by  education,  she  began  with  punch  cards  and 
Is  and  Os  at  IBM.  After  moving  to  Brookings,  she  was 
immersed  in  conversations  about  the  ethics  of  the  Internet 
and  e-commerce  -  more  than  two  decades  ago. 

The  three  CIOs  identify  common  skills  they  look  for  in 
preparing  IT  leaders  of  tomorrow. 

•  The  ability  to  broaden  experiences. 

•  A  mix  between  technical  and 
business/institutional  assignments. 

•  The  ability  to  influence  others. 

•  The  personality  to  be  an  aggressive  learner. 

"My  advice  is  to  broaden  your  experiences  and  stay  away 
from  pigeon  holing.  If  you're  provided  an  opportunity  to 
work  on  the  business  side,  grab  it.  Step  outside  your 
comfort  zone,"  Harten  explains. 


Fishkin  says,  "I've  hired  a  lot  of  people  who  didn't  have  the 
exact  skill  or  competency  that  was  needed  for  the  job.  It's 
really  about  their  attitude  and  their  ability  to  learn  quickly, 
that  they're  not  afraid  to  volunteer  to  take  on  something 
new."  And,  according  to  Cooper,  communication  "is  as 
important  as  knowing  any  technology.  It  doesn't  matter  if 
you're  better  at  Java  or  Dot-Net  if  you  can't  influence 
others,  negotiate  and  drive  change." 

Once  women  reach  leadership  positions,  continued  learning 
is  critical,  they  say.  Cooper's  greatest  challenge  is  preparing 
people  to  manage  and  lead  an  ever  more  challenging  IT 
world  -  studying,  projecting  and  then  linking  technology  to 
people.  Harten  relies  on  extensive  networking  to  enrich 
herself  personally,  but  also  to  bring  value  to  her  company. 
"Through  these  relationships,  I've  been  able  to  refine  my 
thinking  and  avoid  pitfalls."  For  Fishkin,  the  juice  of  the 
future  is  continuing  to  find  ways  for  technology  to  enable 
the  business,  government  and  education  experts  she 
supports  -  with  far-flung  projects  that  carefully  examine 
the  future,  using  technology  that  needs  to  be  up  and 
running  today. 

For  more  information  about  IT  Careers 

advertising,  please  contact:  Nancy  Percival 

Vice  President,  Recruitment  Advertising 

800.762.2977 

500  Old  Connecticut  Path 

Framingham,  MA  01701 

Produced  by  Carole  R.  Fledden 


"DIVERSITY  IN  PRODUCTS,  SERVICES  AND  PEOPLE" 

THE  SOCIAL  SECURITY  ADMINISTRATION  IN  WOODLAWN,  MARYLAND 
is  seeking  highly  motivated  IT  Professionals  for  the  following  types  of  positions: 


♦  Mainframe  Developers  (COBOL,  CICS) 

♦  Internet  Developers  (Java,  WebSphere,  CGI) 

♦  Database  Administrators  (DB2,  IDMS,  Oracle) 

♦  Systems  Operation  Analysts  (SUN/UNIX,  JCL,  TSO/ISPF,  z/OS,  Control  M) 

COME  JOIN  OUR  WINNING  TEAM! 

WE  OFFER: 

♦  COMPETITIVE  SALARIES  -  RANGE:  $52,963-$85,867 

♦  A  COMPREHENSIVE  BENEFITS  PACKAGE  INCLUDING: 

•  RETIREMENT  SAVINGS  INVESTMENT  PLAN 

•  HEALTH,  LIFE  AND  LONG  TERM  INSURANCE  FOR  SELF  AND  FAMILY 

♦  PAID  VACATION,  SICK  LEAVE  AND  10  PAID  HOLIDAYS 

♦  PAID  OVERTIME  AND  ONGOING  TECHNICAL  TRAINING 

♦  FLEXIBLE  WORK  SCHEDULES. 

ALL  OF  THIS  AND  A  POSITIVE,  CASUAL  WORK  ENVIRONMENT! 


To  apply  go  to  USAJOBS  at:  http://iobsearch.usaiobs.opm.aov/  and  select 
the  Social  Security  Administration.  Must  be  a  United  States  citizen  to  apply. 
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World’s  Foremost  Outfitter' 


If  you’ve  been  searching  for 
a  progressive,  team-oriented 
company  where  you  can  put 
your  technical  skills  to  work, 
we  could  be  just  what  you’ve 
been  looking  for.  Cabela’s,  the  World’s  Foremost  Outfitter  of  Hunt¬ 
ing,  Fishing  and  Outdoor  Gear,  is  currently  seeking  an  experienced 
Digital  Asset  Manager  to  work  in  our  catalog  department  in  Sidney, 
Nebraska.  Applicants  should  have  a  knowledge  of  hardware  and 
software  systems  associated  with  digital  asset  management  and  a 
minimum  of  three  years  experience  in  prepress,  print  operations  or 
operations  management.  In  addition  applicants  must  have  the  abil¬ 
ity  to  understand  and  manage  database  applications  such  as  Media- 
Bank,  Filemaker  Pro  Excel  and  Microsoft  Access.  The  position  also 
requires  some  supervisory  responsibilities  including  scheduling  and 
assigning  database  job  creation  efforts  and  checking  work  for  accu¬ 
racy.  Unix  experience  is  helpful.  Cabela’s  offers  competitive  wages 
and  benefits  as  well  as  opportunity  for  advancement  and  furthering 
your  education.  Qualified  applicants  should  submit  a  resume  and 
cover  letter  online  at  www.cabelas.com.  Select  “About  Cabela’s”, 
and  then  select  “Careers”.  Job  ID#861. _ 


COMPUTER 

Interskills,  LLC  is  a  computer 
consulting  company  specializing 
in  providing  skilled  computer 
professionals  to  a  wide  variety  of 
clients.  We  currently  have  the 
following  opportunity  available  to 
work  in  our  Moraga,  CA  office: 

Systems  Analysts 

Positions  require  a  Bachelor's 
degree  or  equivalent  in  Com¬ 
puter  Science  or  related  field 
and  at  least  one  year  experience 
with  large  scale  government  tax 
systems  -  ideally  IRIS  and  RDC. 
Skills  sought  are  Adabas,  Nat¬ 
ural  and  may  include  Construct, 
Visual  Basic,  XML,  HTML.  SQL. 
and  Oracle.  Must  be  available  to 
travel. 

Please  send  resume  to 
Interskills  LLC  with  cover  letter 
to  Tony  McKenzie.  879  Augusta 
Drive,  Moraga,  CA  94556.  Tel 
(925)  631-0312,  Fax:  (925)  377- 
6240;  or  email  your  resume  to 
TonyM@inskills.com.  For  addi¬ 
tional  information  on  the  com¬ 
pany  visit  our  web  site  at 
www.inskills.com.  Interskills  LLC 
is  an  affirmative  action/equal 
opportunity  employer  committed 
to  the  development  of  a  diverse 
workforce. 


We  are  looking  for  a  system  an¬ 
alyst  to  perform  maintenance  of 
existing  web-sites  and  create 
original  concepts  for  new  web¬ 
sites  for  corporate  clients.  This 
is  a  fuil  time  position  -  40  hours/ 
week,  no  overtime.  Work  sched¬ 
ule:  8:00  a.m.  to  5:00  p.m.  The 
basic  salary  for  the  position  is 
$33,654  per  year. 

The  successful  candidates 
should  have  completed  8  years 
of  grade  school,  4  years  of  high 
school  and  4  years  of  college 
and  possess  a  Bachelor's  De¬ 
gree  in  Information  Systems.  We 
require  at  least  one  year  of 
experience  as  a  web-designer. 
Experience  with  Macromedia 
Dreamweaver,  Flash  and  Cold 
Fusion,  Adobe  Photoshop,  Im¬ 
age  Ready,  Illustrator  as  well  as 
with  dynamic  web-pages  and 
HTML  is  mandatory.  Fluency  in 
English  and  Bulgarian  is  also 
required. 

Applicants  must  show  proof  of 
legal  authority  to  work  in  the 
United  States.  No  calls:  please 
send  2  copies  of  both  resume 
and  cover  letter  to: 

ILLINOIS  DEPARTMENT  OF 
EMPLOYMENT  SECURITY 
401  South  State  Street  -  7  North 
Chicago,  IL  60605 
Attention:  Joanne  Breaux 
Reference  #V-IL  35715  -  N 
An  employer  paid  ad. 


Senior  Operations  Engineer 
wanted  to  be  responsible  for  the 
specification,  installation  &  con¬ 
figuration  of  revenue  generating 
value-added  products  w/in  live 
N.  Amer.  operator  networks;  pro¬ 
vide  expert,  remote  &  on-site 
tech,  support  for  all  company 
products  across  all  mobile  tech¬ 
nologies,  incl.  TDMA,  CDMA, 
GSM/DCS,  resolving  any  issues 
which  may  occur;  resolve  esca¬ 
lated  tech,  issues  to  customer 
acceptance  w/in  scheduled 
timeframes  &  work  proactively  to 
ensure  that  all  live  systems  are 
kept  up-to-date  with  minimal  dis¬ 
ruption  to  service;  identify  & 
track  hardware  &  software  prob¬ 
lems  &  escalates  to  relevant 
depts.  &  3rd  party  vendors;  inter¬ 
face  as  first  line  of  support  for 
third  party  products,  e  g.  Oracle, 
Ingres  databases,  ISS  email 
gateway  servers,  IVR  &  SMSC 
interfaces  to  3rd  party  prepaid 
platforms;  maintain  extensive 
knowledge  in  HP  SS7  Opencall 
Protocol,  software  &  hardware; 
lead  a  team  of  Engs.  &  maintain 
ownership  of  several  customer 
accts.,  ensuring  all  support 
issues  are  resolved  w/in  agreed 
Service  Level  agreements; 
review  all  call  resolution  reports 
prior  to  delivery  to  customer  &  all 
methods  of  procedure,  which 
are  implemented  at  customer 
site;  interfaces  with  Product 
Ctrs.  providing  advice  on  design 
&  integration  of  new  products; 
take  lead  in  learning  new  prod¬ 
ucts  &  introducing  such  products 
to  the  region;  act  as  mentor  & 
tech,  advisor  to  other  Oper. 
Engs.;  provide  24  x  7  tech,  esca¬ 
lation  support  to  customers  8 
Oper.  Engs,  w/in  the  co.  support 
framework.  Must  have  Bach. 
Deg.  in  Comp.  Sci.,  Elect.  Eng. 
or  related  field,  &  2  yrs.  software 
tech,  support  exper.  incl.  exper. 
troubleshooting  HP/Unix  oper. 
systems  &  Oracle  8i  databases, 
&  incl.  exper.  with  wireless  tech¬ 
nologies  &  prepaid  excel  switch¬ 
es.  40/hr/wk.  Salary  $65,000  - 
70,000/yr.  Send  2  resumes  to 
Case#200300055,  Division  of 
Career  Services,  19  Staniford 
St.,  1st  FI.,  Boston,  MA  02114. 
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Prog  Analysts  to  analyze,  de¬ 
sign,  develop.  Implement  CRM 
apps  using  Java,  Java  Script, 
VB.  VB  Script.  ASP,  SQL  Server, 
Oracle,  Clarify  Suite  of  Products, 
XML,  Visual  Source  Safe  on 
Windows  &  UNIX  OS;  work  with 
business  analysts  to  map  reqs 
for  Clarify  Data  Model;  involve  in 
customization/implementation  of 
Clear  Support  appls;  create, 
execute  batch  programs;  test, 
debug,  modify  existing  software. 
Require:  BS  or  foreign  equiv.  in 
CS/Engg  (any  branch)  &  2  yrs  of 
exp  in  IT.  FfT.  Travel  involved. 
Competitive  salary.  Resume  to: 
HR,  ABZ  Consulting,  Inc.,  2600 
Century  Parkway,  Ste  100, 
Atlanta.  GA  30345. 


Seeking  qualified  applicants  for 
the  following  positions  in  Mem¬ 
phis,  TN:  Senior  Systems  Pro¬ 
grammer  Devise  procedures  to 
solve  complex  systems  and 
applications  problems.  Require¬ 
ments:  Bachelor’s  degree  or 
equivalent*  in  computer  science, 
MIS,  engineering  or  related  field 
plus  5  years  of  experience  in 
systems  programming.  Experi¬ 
ence  with  UNIX,  C  and  logistics 
code  development  also  re¬ 
quired  'Master's  degree  in  ap¬ 
propriate  field  will  offset  2  years 
of  general  experience.  Submit 
resumes  to  Virginia  Laster, 
FedEx  Corporate  Services, 
2847  Business  Park,  Bldg  J, 
Memphis,  TN  38118-2831.  EOE 
M/F/D/V. 


NETWORK  ADMINISTRATOR 

Tech  support  to  LANA/VAN  net¬ 
work  for  2  mfg.  facilities. 
Troubleshoots/maintains  soft¬ 
ware/hardware  and  network 
syst.  Install,  support,  upgrade 
syst.  for  servers,  PC's,  printers. 
Data/syst.  backup  of  chromatog¬ 
raphy  workstations,  computers, 
network  servers  Implement  net¬ 
work  security.  Ensure  network 
availability.  Audit  lab  equip. 

BS  degree  Computer  Science/ 
Eng.  or  Electronics  Eng.;  prof,  in 
Visual  Basic.  JAVA,  Visual  C++. 
7:00am-  5:30pm  M-Th.  Res¬ 
umes  to  Pharmaceutical  Associ¬ 
ates,  Inc.  ATT:  Jack  Cottle,  201 
Delaware  St,  Greenville,  SC 
29605. 


Programmer/Analyst  (SAP)  - 
Plano,  TX  -  Config  &  implmtn  of 
SAP  SM  (svc  mgmt)  CS  w/inter- 
face  to  S&D  &  PS  &  SAP  CRM- 
ClC/call  center  using  ASAP  & 
method  blue  methodology.  Auto¬ 
mate  biz  process  maximize  effi¬ 
ciency  &  productivy  through 
effective  orgn  &  proj  mgmt  skills. 
Bachelor's  degree  w/maj  in 
Comp  Info  Sys  or  Mgmt  Info 
Sys.  Min  1  yr  exp.  40  hrs/wk, 
8am-4:30pm.  Send  resume  to: 
HR  Dept,  Samsung  SDS 
America,  Inc,  15  Corporate  PI 
So,  Piscataway.  NJ  08854. 


Software  Developers  needed. 
Seeking  candidates  possessing 
BS  or  equiv  and  rel  work  exp. 
Duties  include:  Develop  and 
direct  business  software  testing, 
programming  and  documenta¬ 
tion  for  agri  food  businesses. 
Deploy,  support  and  tune  data¬ 
base  and  backup/recovery  solu¬ 
tions.  Work  with:  Perl,  Java, 
Oracle,  Linux,  CVS  and  Apache. 
Exp.  must  include  1  year  work¬ 
ing  with  Linux.  Perl  and  Oracle 
and  working  within  the  agri  food 
business  industry.  Mail  resume, 
refs  and  salary  reqs  to:  E- 
Markets,  Inc.,  1606  Golden 
Aspen  Dr.,  #108,  Ames,  IA 
50010. 


Programmer  Analyst  -  design/ 
dev/implement  apps  w/Broad- 
vision,  Powerhouse  Axiant  in 
HP  Unix  server  &  interface 
b/HP3000  &  Web  Server 
w/Message  Queue  technology. 

Information  Systems  Manager 

-  Lead  team  in  developing 
apps  in  HP  3000  w/COBOL  & 
4GL  Powerhouse  &  interfaces 
b/H_3000  &  Web  Servers 
w/Message  Queue  technology. 

Resumes  by  fax  only  to  (310) 
222-6329.  Sunrider,  Interna¬ 
tional,  1625  Abalone  Avenue, 
Torrance,  CA  90501. 


Computer 

AlphaSoft  Services  Corp.  is  a 
rapidly  growing  systems  integra¬ 
tion  &  software  development 
services  provider.  We  are  cur¬ 
rently  recruiting  for  the  following 
FT  opening  in  Walnut  Creek, 
CA: 

"Programmer  Analyst 
This  position  may  require  travel 
and/or  temporary  relocation.  For 
more  information,  please  visit 
our  website  at  www.alphasoft 
services.com.  Apply  by  mail  to 
HR.  2121  N.  California  Blvd. 
#350,  Walnut  Creek.  CA  94596, 
(925)  932-3743  -  fax,  or  email 
IT  JOBS@alphasoftservices.com . 


Software  Developer 

Our  main  business  activity  is 
environmental  forecasting,  and 
we  seek  a  professional  to  perfor- 
ma  nalysis,  design  &  develop¬ 
ment  of  comp  software  incl  GUI 
dvelopment  using  Java,  C/C++, 
Multi-threwding,  HTML,  Java¬ 
Script,  Swing  &  PHP  with  Oracle 
&  MYSQL  databases  in  UNIX  & 
LINUX  environments.  Master's 
degree  required  with  2  years' 
exp.  Send  resume  to  HR  Dept, 
Accurate  Environmental  Fore¬ 
casting,  Inc.,  165  Dean 
Knauss  Drive,  Narragansett, 
Rl  02882. 


SOFTWARE  ENGINEER 
for  Software  Develop¬ 
ment  Company.  Mini¬ 
mum  3  years  of  experi¬ 
ence  and  M.E.  Send 
resume  to:  Alyzak  Corp¬ 
oration,  1580  Sawgrass 
Corporate  Pkwy,  Suite 
130,  Sunrise,  FI  33323. 
No  walks  in  please. 


Software  Engineers  needed. 
Seeking  qual.  candidates  pos¬ 
sessing  MS  or  equiv.  or  rel. 
work  exp.  Part  of  req.  rel.  work 
exp.  must  include  3  yrs  working 
w/  PL/SQL  &  Oracle  Technol¬ 
ogies.  Duties  include:  Design  & 
develop  software  architecture  & 
life  cycle;  Data  warehousing  & 
data  mining.  Work  w/  Oracle  91 
database,  Oracle  Designer, 
Oracle  Business  Intelligence, 
Jdeveloper  &  Rational  Rose 
XDE  Modeler.  Send  res.,  ref.  & 
sal.  req.  to  Remote  Computing 
Systems,  Inc.  9017  Bluestem 
Rd„  Wichita,  KS  67207. 


Symphony  Corp.,  head¬ 
quartered  in  Madison,  Wl 
seeking  candidates  for 
mid  &  senior  level  posi¬ 
tions:  Software  Engin¬ 
eers,  Programmer  Ana¬ 
lysts,  Project  Managers 
and  Quality  Assurance 
Technicians.  Forward 
resume,  references  & 
salary  requirements  to: 
Symphony,  FIR  Dept., 
608-294-9321  or  email  to 
info@svmDhonv.cc. 


SalesPage  Technologies  is 
looking  for  Computer  Support 
Specialist,  Project  Analyst  to 
perform  triage  to  determine  tech 
issues  and  to  develop  customer 
system  using  Java,  JavaScript. 
SQL,  Relational  database.  Min. 
requirement  is  BS  degree  with 
experience.  Apply  at  employ 
ment@salesDaae.com. 

Owen  State  Community  College 
has  opening  for  Database  Ad¬ 
ministrator  to  analyze,  test  & 
implement  operating  system  & 
security  software  to  support 
College  information  database. 
Require  BS  plus  exp.  in  Oracle 
DBA,  Perl,  SQL,  Java.  Please 
apply  at  lfern@owens.edu. 
EOE. 


IT  PROFESSIONALS 

Senior  Consultant 

(Glen  Mills,  Pennsylvania  and 
other  locations  through  the 
U.S.).  Provides  advice,  analysis, 
solutions  and  large  scale  imple¬ 
mentation  for  technology  based 
business  strategies  Works  as 
part  of  a  team  in  implementing 
SAP  e-business  solutions 
Leads  the  Accounts  Payable 
team  during  blueprinting,  real¬ 
ization  and  testing  stages  of 
SAP  Financials  implementation. 
Integrate  Accounts  Payable  with 
the  functionality  in  Materials 
Management  (MM)  and  Finan¬ 
cials  and  Controlling  (FI/CO). 
Responsible  for  presenting  the 
design  to  key  stakeholders, 
identifying  gaps  in  SAP  solution 
and  client  business  needs  and 
writing  functional  specifications 
to  address  gaps  including  Elec¬ 
tronic  Data  Interchange  (EDI) 
interfaces.  Responsible  for  de¬ 
signing  solutions  to  conform  to 
client  business  needs  and  per¬ 
forms  knowledge  transfer  to 
client  counterparts.  Configures 
the  SAP  systems  to  meet  the 
business  process  requirements 
of  the  client.  Synchronizes  and 
tests  systems  and  tools.  Identi¬ 
fies  appropriate  string  and  inte¬ 
gration  testing  scenarios  and 
key  process  chains  as  well  as 
the  reporting  needs  of  the  cli¬ 
ents.  Sets  up  business  process 
simulations  in  SAP  R/3.  Involved 
in  web  enabling  SAP  systems 
using  Internet  Transaction  Ser¬ 
ver.  Uses  ABAP/4,  SAPScript, 
SAP  data  structure  knowledge 
to  write  functional  specifications 
for  enhancements,  reports  and 
interfaces. 

WAGE:  $82, 044/year 

Hours  worked:  Monday-Friday 

9:00am-5:00pm 

MINIMUM  REQUIREMENTS: 
Bachelor's  degree  in  Computer 
Science,  Engineering  (any  type), 
Math,  Business  Administration 
or  Information  Systems  +  4 
years  exp.  in  the  job  offered  or  4 
years  exp.  as  a  Senior  Consult¬ 
ant.  Software  Engineer,  Consult¬ 
ant,  or  Information  Technology 
Analyst.  Related  experience 
must  include  at  least  2  years  of 
large  scale  systems  implemen¬ 
tation  utilizing  SAP  modules  FI, 
CO  and  MM. 

Please  send  your  resume,  refer¬ 
encing  Job  Order  Number  WEB- 
423832  to  the:  PA  NW  Career- 
link,  FLC  Unit,  235  W.  Chelten 
Ave.  Philadelphia,  PA  19144. 
EOE. 


Kelly  Mitchell  Group,  Inc.  is 
seeking  a  Programmer  Analyst 
(St.  Louis,  MO): 

Develop  telecomm  marketing 
info  sys.  applying  OOD  w/ 
J2EE  architecture  &  STRUTS 
framework  on  WinNT/Unix 
platforms  using  Oracle  db  & 
Websphere/Weblogic  appl. ser¬ 
ver;  analyze/develop  workflow 
appls.  create  Class/sequence 
diagrams  and  Use  cases,  and 
write  Test  cases  using  UML. 
Rational  Rose  &  Test  Director; 
create  busi.  process  compo¬ 
nents  using  Jbuilder  &  WSAD 
w/  Java,  EJB,  Servlets,  XML, 
SQL,  TOAD  &  JSP.  Requires 
BS  in  Comp.  Sci,  EE,  MIS.  or  a 
closely  related  plus  6  mon. 
exp.  Full  time.  Resume  to:  HR, 
Kelly  Mitchell  Group,  Inc.  101 
S  Hanley  Road,  Ste  1100,  St. 
Louis,  MO  63105.  NO 
CALL/EOE. 


The  MathWorks 

The  MathWorks  leads  the  market  in  developing  and 
delivering  high  performance  interactive  software 
products  such  as  MATLAB®  to  the  engineering  and 
scientific  communities.  We're  increasing  our  lead  by 
hiring  the  best  people  for  every  job  in  the  organization. 
We  have  the  following  positions  available  at  our  offices 
in  Natick,  MA. 

Genetic  Algorithm  Toolbox  Developer 

Propose,  plan  and  develop  genetic  algorithm  direct 
search  tools. 

Simulink  Engine  Quality  Engineer 

Develop  test  suites  and  conduct  hands-on  testing  of 
the  company's  Simulink  product  engine. 

DSP  Simulink  Blockset  Engineer 

Design  and  develop  software  components  for  real-time, 
embedded  DSP  algorithms  in  the  audio,  video,  and 
telephony  application  areas. 

Senior  GUIDE  Engineer 

Lead  the  architecture  development  and  implementation 
for  the  next  generation  graphical  user  interface 
development  environment. 

The  aforementioned  positions  are  available  at 
all  levels  and  require  a  minimum  of  a  B.S.,  M.S., 
or  Ph.D.  and  0-8  years  of  experience. 

Additional  Opportunities  in  the  Following  Areas: 

•  Sales  Representatives 

•  International  Sales  Reporting  Analyst 

•  Business  Model  Analyst 

•  Business  Application  Managers 

•  Data  Warehouse  Architect-Business  Intelligence 

•  DSP/Conununications  Quality  Engineer 

•  Real  Time  Embedded  Coder  Quality  Engineer 

•  Product  Marketing  Manager 

•  Software  Engineers 

For  fastest  consideration  interested  candidates 
should  reply  via  our  website: 
http://www.mathworks.com/jobs 

The  MathWorks,  Three  Apple  Hill  Drive, 

Natick,  MA  01760  -  Job  Code:  IT604 

We  are  an  equal  opportunity  employer 


www.mathworks.com 


Computer  Professionals 
(Multiple  Openings) 
Software  Engineer/Systems 
Analyst/Programmer 
Analyst/DBA 
Springfield,  IL 

Must  have  a  bachelor's  degree 
or  equivalent  and  experience  in 
some  of  the  following  skills: 
Languages  (C/C++,  Java.  XML, 
UML);  Microsoft  Technologies 
(Visual  Basic,  .Net,  ASP);  ERP 
(SAP,  People  Soft,  Oracle);  EDI 
(ANSI  X12,  EDIFACT,  HIPAA); 
Integration  Tools  (Seebeyond, 
Web  Methods,  Tibco);  Rational 
Tools  (Clear  Case,  Clear  Quest): 
Coolgen;  Interwoven;  DataBas- 
es  (Oracle/DB2/Sybase/SQL- 
Server);  Windows  (2000/NT/XP) 
and/or  UNIX  and/or  Linux  oper¬ 
ating  systems.  Must  be  willing  to 
travel  and  /or  relocate  to  various 
places  in  the  United  States. 
Attractive  compensation  pack¬ 
age.  Send  resumes  to:  Human 
Resources,  Dyna  Consulting 
Services,  Inc.,  960  Clocktower 
Drive,  Suite  -  I,  Springfield,  IL 
62704,  or  email  to: 
iobs@dvnaconsultinainc.com 


Database  Administrator  req.  by 
S/ware  Dev  Comp.  Duties: 
Oracle  D/base  Administrator, 
supervising  d/base  administra¬ 
tors  &  should  serve  as  project 
leader  &  technical  leader. 
D/base  dsgn,  modeling,  dvlpmt 
&  implmtn  of  decision  support 
systm/Oracle  fin'ls  systm  in 
client/server  architecture  using 
Oracle  RDBMS,  Perform  d/base 
admin  &  tuning,  SQL  tuning, 
backup  &  restore  &  familiarity 
w/Oracle  utilities  (SQL  Loader, 
Imp/Exp,  Enterprise  Mgr  utilities, 
PL/SQL,  Erwin,  Discoverer, 
Sagent  ETL  tool)  D/base  Admin 
of  Oracle  Fin'l  modules.  Job  in 
Chicago.  IL  &  various  unantici¬ 
pated  client  sites  in  US,  as 
assigned.  Req.  Masters  in  either 
Math,  or  Sci,  or  Comp  Sci,  or 
Engg,  (will  accept  an  equiv 
based  on  education  &  exp),  &  1 
yr  exp  in  job  offd,  40  hrs/wk,  9-5, 
M-F.  Contact,  CEO,  Edgesys. 
Inc.,  555  Madison  St,  Ste  1- 
2311,  Chicago,  IL  60661 


IT  Professionals  needed.  Nor¬ 
walk,  CT  company  has  several 
senior  and  entry-level  positions 
available  for  qualified  candi¬ 
dates  possessing  MS/BS  or 
equivalent  and/or  relevant  work 
experience.  Work  with  one  or 
more  of  the  following:  RDBMS 
(Oracle).  Java,  Unix,  LDAP,  GUI 
design,  ODBC,  JDBC,  Sybase, 
Windows  NT,  Windows  2000, 
Visual  Basic,  ASP.  HTML,  APIs, 
OLTP,  OLAP,  Versata,  PVCS, 
Netscape  Application  Server, 
IIS,  and  firewalls.  Must  be  willing 
to  travel  and  relocate.  Fax 
resume  to  Logicsoft  Inc.,  HR 
Dept.  (203)  846-1131  or  email 
recruits@looicsoftinc.com. 


Computer  Developer  for 
Boca  Raton,  FL  firm.  Must 
have  Bachelor's  Degree  or 
equivalent  &  1  year  experi¬ 
ence  with  developing  and 
supporting  software  appli¬ 
cations  based  on  MS- 
Access/VB  6.  Must  have 
experience  with  real  estate 
software  applications,  MS- 
Access,  VB  6  and  Oracle 
DB.  Please  respond  to: 
Moshe  Marty  Harel,  7040 
W.  Palmetto  Park  Road, 
Boca  Raton,  FL  33433. 


Engineer  (New  York,  NY):  De¬ 
velop/implement  introspective  & 
self-adaptive  hardware  &  soft¬ 
ware  sys  Design,  implement  & 
evaluate  new  program  repre¬ 
sentations  Consult  w /  engi¬ 
neers  &  clients  to  enhance  reli¬ 
ability.  scalability  &  perfor¬ 
mance.  Design  systems  &  tech¬ 
niques  to  map  applications  on 
architectures.  Must  have  M  S. 
in  Comp.  Sci.  or  Elec  Eng  .  plus 
1  yr.  specific  experience.  Send 
resume  to  Melanie  Peters 
Business  Manager,  Reservoir 
Labs,  Inc.,  632  Broadway.  Suite 
803,  New  York,  NY  10012. 
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IT  PROFESSIONALS 
Consultant 

(Glen  Mills,  Pennsylvania  and 
other  locations  through  the 
U.S.).  Design  and  implement  cu¬ 
stom  technology  enabled  busi¬ 
ness  solutions  utilizing  Oracle 
and  CRM  applications.  Develop 
system  requirements  and  define 
support  procedures.  Draft  com¬ 
ponents  of  proposals  for  en¬ 
gagements  and  identify  follow¬ 
up  opportunities.  Develop  hypo¬ 
thesis  and  identify  data  needed 
to  evaluate  existing  business 
systems.  Evaluate  alternatives 
and  recommends  solutions  for 
issues  encountered  on  engage¬ 
ments.  Draft  effective  presenta¬ 
tions  and  reports  for  clients. 
Gain  an  understanding  of  cli¬ 
ents'  key  business  decisions 
and  implications  on  their  busi¬ 
ness  models.  Build  awareness 
of  technology  enablers  including 
Interfaces  between  Legacy  & 
Oracle  systems  and  their  poten¬ 
tial  impact  on  business  require¬ 
ments.  Develop  new  business 
processes  and  application  de¬ 
signs  using  Microsoft  Visio  with¬ 
in  Oracle  CRM  modules.  Pro¬ 
vide  potential  gap  resolution 
alternatives,  create  designs  for 
complex  technical  requirements 
including  gap  analysis,  infra¬ 
structure,  interfaces  between 
Legacy  and  Oracle  systems,  en¬ 
hancements,  and  conversions. 
Develop  test  plans,  scripts,  cas¬ 
es  and  acceptance  criteria  utiliz¬ 
ing  Mercury  Interactive.  Prepare 
deliverables  on  engagements. 
Salary  is  $74,751.70  per  year. 
Mon-Fri,  9:00  am  to  5:00  pm. 

The  position  requires:  Bachel¬ 
or's  degree  or  equivalent  in 
Computer  Science,  Math,  Engin¬ 
eering  (any),  Information  Sys¬ 
tems  or  Business  Administration 
+  2  years  of  experience  in  the 
job  offered  or  2  years  of  experi¬ 
ence  as  a  Systems  Analyst, 
Consultant  or  Management  An¬ 
alyst.  Related  experience  must 
include  at  least  six  months  with 
Microsoft  Visio,  Mercury  Inter¬ 
active  Software.  Oracle  Systems 
and  Customer  Resource  Man¬ 
agement  (CRM)  Applications. 

Please  send  your  resume,  refer¬ 
encing  Job  Order  Number  WEB- 
423535  to  the:  PA  Careerlink, 
FLC  Unit,  235  W.  Chelten  Aven¬ 
ue,  Philadelphia,  PA  19144. 
EOE. 


Senior  iSeries  Systems  Eng¬ 
ineers  -  Requires  Bachelor's  or 
equivalent  in  Computer  Science 
or  a  related  field  &  five  years 
experience  in  the  job  offered 
&/or  in  Computer  Information 
Systems/Technology  with  3 
years  of  the  experience  being  in 
Systems  Engineering.  In  lieu  of 
the  BS+5  yrs,  Employer  will 
accept  8  years  of  experience  in 
Computer  Information  Systems/ 
Technology,  with  3  years  of  the 
experience  being  in  Systems 
Engineering.  A  minimum  of  18 
months  of  TCP/IP  &  SNA  com¬ 
munications  on  the  iSeries  is 
essential.  Must  have  the  follow¬ 
ing  certifications:  IBM  LPAR 
Expert  &  iSeries  Technical  Solu¬ 
tions  Expert,  IBM  iSeries  Tech¬ 
nical  Solutions  Design  V5R2  & 
iSeries.lBM  Technical  Solutions 
Implementation  V5R2,  MIMIX 
V4R4. Networking. 

Competitive  Salary  &  Benefits. 
Contact:  Recruiting,  Premise 
Inc,  4904  Creekside  Drive, 
Clearwater,  FL  33760,  Robert 
Nowels@premiseinc.com. 


CyberSoft  Technologies, 
Inc.,  Systems  Analysts: 
Design,  and  develop  enter¬ 
prise  level  web-based 
applications  using  C#, 
ASP.Net,  SQL  Server, 
UML,  Visio,  VSS,  COM/ 
DCOM,  Message  Queues, 
and  Transaction  Server. 
Need  degree  in  Comp  or 
Engi  +  2  year  Exp  Resume 
to:  HR,  4420  FM  1960 
West,  Suite  222,  Houston, 
TX  77068  or  via  email: 
jobs@cybersoftech.com. 


IT  PROFESSIONALS 
Manager 

(Glen  Mills,  PA  and  other  loca¬ 
tions  throughout  the  United 
States).  Provide  leading  exper¬ 
tise  in  process  areas  of  Supply 
Chain  (inventory  management, 
order  management,  manufactur¬ 
ing  planning)  and  Product  De¬ 
velopment  (Product  Design, 
New  Product  Introduction)  ac¬ 
ross  multiple  continents.  Devel¬ 
op  technology  solutions  in  areas 
of  Supply  Chain  Planning/ 
Execution,  Collaborative  Com¬ 
merce,  and  Reporting  and  Data 
Management  that  support  and 
integrate  with  Supply  Chain 
processes  and  technologies. 
Perform  quantitative  analysis  of 
supply  chain  requirements  to 
design  optimal  network  and 
infrastructure  and  integrate  Sup¬ 
ply  Chain  processes  with  tech¬ 
nologies  to  facilitate  resolution  of 
related  complex  client  issues. 
Communicate  progress  and 
results  to  Senior  Management 
(COO,  CFO,  CIO)  in  large  multi¬ 
national  corporations  across 
multiple  industries. 

The  wage  offered  is  $116,000/ 
year.  The  work  schedule  is 
Monday-Friday  9:00am-5:00pm. 
The  minimum  requirements  are 
as  follows:  Master's  degree*  in 
Business  Administration  +  5 
years  experience  in  the  job  of¬ 
fered  or  5  years  experience  as  a 
Manager,  Senior  Consultant,  or 
Consultant.  Related  experience 
must  also  include  Product  De¬ 
velopment  and  Supply  Chain 
strategy  and  processes  across 
multiple  continents;  Technology 
solutions  in  Supply  Chain  Plan¬ 
ning/Execution,  Collaborative 
Commerce,  Reporting  and  Data 
Management;  Integration  of 
Supply  Chain  processes  with 
technologies  and  facilitation  of 
resolution  of  related  complex 
client  issues;  Quantitative  analy¬ 
sis;  Proven  record  of  communi¬ 
cations  with  Senior  Manage¬ 
ment  (COO,  CFO,  CIO)  for  large 
corporations  across  multiple 
industries.  *Employer  will  regard 
a  Bachelor's  degree  +  7  years  of 
experience  to  be  equivalent  to  a 
Master's  degree  +  5  years  of 
experience. 

Please  send  your  resume,  refer¬ 
encing  Job  Order  Number  WEB 
423870  to  the:  PA  CareerLink, 
FLC  Unit,  235  W.  Chelten  Aven¬ 
ue,  Philadelphia,  PA  19144. 
EOE. 


Software  Engineer.  Dsgn  &  dvlp 
computer  prgms  to  test  business 
applies  using  Oracle,  Oracle 
Financials,  SAS  tools,  Apache  & 
SQL,  as  well  as  testing  tools  incl. 
WinRunner,  Test  Director  &  Astra 
Quick  Test  on  Linux,  HP  UX  & 
UNIX  platforms.  Install  &  set  up 
Rational  Unified  Process  in  s/ware 
dvlpmt  life  cycle.  Create  &  exe¬ 
cute  testing  scripts  using  C  &  VB. 
Set  up  &  configure  Load  Runner 
to  perform  smoke,  bounce,  stress, 
integration,  architecture  &  func¬ 
tionality  specific  performance 
monitoring  of  web  applies.  Dvlp 
test  result  summary  report  based 
on  mean,  median  &  stat'al  analy¬ 
sis  of  test  results  using  Rational 
Robot.  Dvlp  test  strategies,  test 
plans  &  qlty  assurance  sched  for 
all  tests  to  be  performed.  Req  BS 
in  Comp  Sci,  an  Engg  discipline, 
or  closely  related  field  w/2  yrs  exp 
in  job  offd  or  as  QA/Systems 
Analyst.  Extensive  travel  on 
assignment  to  various  client  sites 
w/in  US  reqd.  Competitive  salary 
offd.  Send  resume  to  Ahn  Chi 
Yong,  Lightning  Technology 
Solutions,  Inc,  2526  Mt.  Vernon 
Rd,  Ste  B,  #  307,  Dunwoody,  GA 
30338;  Attn:  Job  JS. 


AVI  Technologies,  Inc. 

Programmer  Analysts:  Ana¬ 
lyze,  architect,  develop,  inte¬ 
grate  and  Test  Multi-Tier 
Enterprise  Application  using 
VB.NET,  XML,  Web  Services, 
C++,  UML,  Rational  Rose, 
J2EE,  and  EAI  technologies 
using  database  in  Oracle, 
Sybase  and  SQL  Server. 
Requires  a  Bachelor's  in 
Computer  Science  or  related 
field  and  2  years  of  experi¬ 
ence.  Send  Resume  to:  HR,  24 
May  Street,  West  Haven,  CT 
06516  or  E-mail:  jobs@avit.net 


SENIOR  SOFTWARE  ENGI¬ 
NEER:  Duties  include:  As  the 
technical  lead  will  direct  the 
research,  design,  and  develop 
computer  software  systems  for 
color  management  systems  for 
the  graphic  arts  industry.  Res¬ 
ponsibilities  include:  Analyze 
designs  and  architectures  to 
ensure  customer  requirements 
are  met,  and  develop  functional 
and  system  specifications.  De¬ 
sign  and  implement  new  fea¬ 
tures  using  object-oriented  tech¬ 
nology,  mathematics,  logistics, 
and  data  manipulation  algo¬ 
rithms.  Develop  company's  pro¬ 
prietary  API  for  building  and 
manipulating  ICC  color  profiles. 
Develop  a  high-level  interface 
middle-tier  library  exposing  func¬ 
tionality  of  Monaco's  color  man¬ 
agement  API  for  application  pro¬ 
grammers  utilizing  MS  COM 
architecture.  Facilitate  support 
for  handling  device  colorimetric 
characterization,  color  appear¬ 
ance  modeling,  and  color  gamut 
mapping  which  are  constituent 
of  color  management  model. 
Perform  integration  and  tuning 
of  spectrophotometer  and  col- 
orimiter  devices.  Perform  GUI 
development  for  color  manage¬ 
ment  applications  using  MFC. 
Min.  Reqt's:  Masters  Degree 
(foreign  equivalent  accepted)  in 
CS,  EE,  Math,  Physics  or  relat¬ 
ed  field  of  study,  PLUS  4  yrs 
experience  in  job  offered  or  4 
years  experience  in  a  related 
occupation  in  SW  development 
or  related.  MUST  possess  dem¬ 
onstrated  expertise:  (1)  Math¬ 
ematical  modeling;  numerical 
methods  for  interpolation  and 
extrapolation  of  linear  and  non¬ 
linear  data  behavior,  systems  of 
linear  equations;  (2)  Funda¬ 
mental  optics  principles,  includ¬ 
ing  electromagnetic  theory  of 
light  propagation,  black  body 
radiation,  geometrical  optics  and 
optics  of  the  human  eye;  spec¬ 
tral  analysis;  and  (3)  OO  design 
and  architecture;  multithreaded 
MS  COM  application  develop¬ 
ment;  GUI,  middle-tier  and  API 
library  development  using  C / 
C++,  COM,  MFC,  ATI  in  Visual 
C++  environment.  Basic  pay  is 
$95,100  per  year  FT  and  stan¬ 
dard  company  benefits.  EEO. 
Submit  2  resumes  and  respond 
to  Case  No.  200204067, 
Division  of  Career  Services, 
Labor  Certification  Unit,  19 
Staniford  St,  1st  FI,  Boston,  MA 
02114. 


Systems  Test  Consultant  - 
Responsible  for  the  analysis  of 
requirements  and  design  of 
applications  and  software  to 
ensure  appropriate  test  plan  and 
test  case  development.  Engage 
in  project  management  testing 
and  full  development  efforts. 
Work  with  vendors  to  monitor 
and  report  on  quality  issues. 
Monitor,  analyze,  and  report  on 
multiple  projects,  ensuring  com¬ 
pliance  with  company  project 
standards.  Requirements:  Bach¬ 
elor’s  degree  in  Computer  Sci¬ 
ence  or  Information  Systems 
and  two  years'  experience  in  job 
offered  or  in  Information  Tech¬ 
nology  Testing.  Experience  must 
include:  18  months  IT  testing  of 
accounts  receivable  and  general 
ledger  applications  for  docu¬ 
mentation,  and  requirements 
analysis  consisting  of  six 
months  of  SEICMMI  methodolo¬ 
gy.  Salary:  $70, 066/year.  Work 
hours:  8  am  to  5  pm,  M-F.  Send 
resume  to  Dawn  at  fax  number 
252-246-4649. 


Senior  Engineer  (Portland,  OR): 
Develop  &  implement  introspec¬ 
tive  &  self-adaptive  hardware  & 
software  sys.  Design,  imple¬ 
ment,  &  evaluate  new  program 
representations.  Consult  w/ 
teams  &  clients  to  enhance  reli¬ 
ability,  scalability  &  performance 
of  advanced  computer  system. 
Supervise  project  team  &  engi¬ 
neers  to  devise  solutions.  Min. 
req's:  Ph.D.  in  Comp.  Sci.  or 
Elec.  Eng.  Plus  1  yr.  specialized 
experience.  Send  resume  to 
Melanie  Peters,  Business  Man¬ 
ager,  Reservoir  Labs,  Inc.,  632 
Broadway,  Suite  803,  New  York, 
NY  10012. 


Technical  Support  Analyst 

Experience:  Minimum  3  years 
recent  experience  in  a  similar 
position 

PCS  has  an  opening  for  a 
Technical  Support  Analyst  based 
in  Chicago,  Illinois.  The  selected 
candidate  must  have  a  minimum 
of  a  bachelors  degree  in  Elec¬ 
tronics  or  Management  Informa¬ 
tion  Systems  or  Computer  Sci¬ 
ence  or  Computer  related  field 
or  equivalent.  A  minimum  of  3 
years  of  recent  experience  in  a 
similar  position  is  required. 

Job  Description:  The  job  re¬ 
quires  the  employee  to  possess 
a  minimum  of  3  years  recent 
work  experience  in  a  similar  po¬ 
sition.  Prior  experience  with  de¬ 
signing  and  implementing  solu¬ 
tions  for  extending  systems 
management  capabilities  of  CA- 
Unicenter  TNG  for  different 
types  of  non-IT  devices  is  man¬ 
datory.  Must  possess  work  ex¬ 
perience  using  Wireless  Devices 
(Vast,  Opto22,  Ion  Networks, 
Badger  and  Nokia)  and  integra¬ 
tion  of  these  devices  with  CA- 
Unicenter  TNG.  Prior  experience 
implementing  CA-Unicenter 
TNG  and  related  suites  of  Enter¬ 
prise  Systems  Management 
products  and  software  required. 

Additional  work  responsibilities 
involve  performing  systems  sup¬ 
port,  computer  operating  sys¬ 
tems  configuration,  perform  sys¬ 
tems  support  and  configure 
TCP/IP  and  computer  networks. 
Require  prior  work  experience 
working  on  Windows,  win- 
dows2000  server,  Windows 
2000  advanced  server,  Linux, 
Novell  platform,  routers,  gate¬ 
ways,  LANS/WANS  and  fire¬ 
walls.  Responsible  for  in-house 
systems  administration,  network 
management,  e-mail  manage¬ 
ment,  LAN,  VPN,  remote  access 
management  and  providing  for 
in-house  users  and  external 
clients. 

The  job  responsibility  requires 
travel  as  required.  Please  send 
your  resume  and  cover  letter  to: 
Human  Resources,  Profession¬ 
al  Consulting  Services,  Inc., 
1415  North  Dayton,  #3S, 
Chicago,  IL  60622. 


Seeking  qualified  applicants 
for  the  following  positions  in 
Memphis,  TN:  Senior  Busin¬ 
ess  Systems  Analyst.  Develop 
major  applications  systems 
requirements,  testing  and  con¬ 
trols.  Requirements:  Bachel¬ 
or’s  degree  or  equivalent*  in 
business,  computer  science, 
engineering,  mathematics, 
MIS  or  related  field,  plus  5 
years  of  experience  in  sys¬ 
tems  planning  and  design  or 
systems  development  and 
integration.  Experience  with 
Oracle,  PL/SQL  and  applica¬ 
tion  design  and  testing  also 
required.  'Master's  degree  in 
appropriate  field  will  offset  2 
years  of  general  experience. 
Submit  resumes  to  Chris 
Gibney,  Federal  Express 
Corporation,  3680  Hacks 
Cross  Road,  Bldg  H  2nd  Floor, 
Memphis,  TN  38125.  EOE 
M/F/D/V. 


mPower  Software  Services  has 
mult,  openings  avail,  for  IT  Pro¬ 
fessionals  and  Consultants.  Dut¬ 
ies  will  include  but  will  not  be 
limited  to  developing  and  de¬ 
signing  s/w  systems  using  vari¬ 
ous  h/w,  o/s  tools,  software 
packages  and  languages;  devel¬ 
oping  client/server,  mainframe, 
midrange,  ERP  &  web  applica¬ 
tions.  A  degree  is  required.  We 
will  accept  foreign  equiv.  of  the 
required  educ.  and/or  its  equiv. 
in  edu.  and  experience.  Opening 
also  available  for  Business 
Analyst  to  work  with  software 
professionals  to  identify  alterna¬ 
tives  and  solutions,  evaluate 
business  requests  for  feasibility. 
Competitive  salaries  offered. 
Apply  to: 

recruiting@mpowerss.com  or 
mPower  Software  Services, 
17295  Chesterfield  Airport  Rd, 
Suite  241,  Chesterfield,  MO 
63005. 


enterprise  integration 
network  vulnerabilities 
corporate  data  security 
government  compliance 
mobile  &  wireless  security 
business  management  needs 


The  right  IT  professional 
can  jump  the  hurdles  of 
today’s  IT  challenges. 


Call: 

(800)  762-2977 


Computerworld  •  InfoWorld 


Network  World 
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SEARCH  FOR  JOBS 
AND  POST 
YOUR  RESUME  ON 
ITCAREERS.COM 

OR  CALL 
(800)  762-2977 


SOFTWARE  ENGINEER:  Using 
J2EE  technologies,  design  and 
develop  software  application 
solutions  for  retail  price  manage¬ 
ment,  retail  purchasing  and  allo¬ 
cation  optimization.  Duties 
include:  implementation  and 
deployment  of  solutions:  writing 
unit  tests  for  modules;  and  cus¬ 
tomization  applications  including 
clustering  and  scalability. 
Employ  Struts  and  XML/XSL. 
Min.  Reqt's:  Master's  Degree  in 
Computer  Science  or  closely 
related  field  and  one  (1)  year  of 
experience  in  the  job  offered  or 
one  (1)  year  experience  in  the 
related  occupation  of  software 
application  development  OR  IN 
THE  ALTERNATIVE,  will  accept 
Bachelor's  degree  in  same  fields 
of  study  and  six  (6)  years  of  pro¬ 
gressive  work  experience  in  job 
offered  or  related  occupation  of 
software  application  develop¬ 
ment.  Also  must  possess:  (1) 
demonstrated  expertise  using 
the  following:  J2EE  Techn¬ 
ologies  including  EJB/JSP/ 
Servlets  and  XML/XSL  Tech¬ 
nologies;  (2)  Demonstrated 
experience  using  Struts; 
Clustering  and  Scaling  software 
applications;  and  Java  Script. 
Basic  pay  is  $92,100  per  year 
FT  and  standard  company  bene¬ 
fits.  EEO.  Submit  2  resumes  and 
Respond  to  Case  No.  2002- 
04212,  Division  of  Career 
Services,  Labor  Certification 
Unit,  19  Stamford  Street,  1st  FI., 
Boston,  MA  02114. 


Morrisett  Associates  is  the  own¬ 
er  of  www.midwestcvber.com. 
We  look  for  web/system  devel¬ 
opers  for  web  development 
using  ASP  (VBScript  and  Java¬ 
Script).  Candidate  must  have 
BS/MS  plus  exp  using  ASP, 
ASP.Net,  VB.Net.  Please  con¬ 
tact  morrisett@midwestcvber 
.com.  EOE. 

Multiple  positions  for  IT  profes¬ 
sionals  to  design,  develop,  test 
applications  using  Oracle,  SQL 
Server,  DB2,  VB.  Unix,  Infor- 
matica,  etc.  Qualified  applicants 
must  have  MS/BS  or  equivalent 
with  experience  in  the  IT  field. 
Contact  iKnowvate  Technolo¬ 
gies  at  info@iknowvate.com. 
EOE. 


ShellSoft  seeks  IT  professionals 
(programmer/system  analysts, 
software  engineers),  project 
engineers  using  Oracle,  SAP, 
SQL.  Java,  C/C++.  Minimum 
requirement  is  MS/BS  with  IT 
experience.  Some  positions 
require  travel.  Please  send 
resume  to  iobs@shellsoftinc 
.com.  EOE. 

Emergtech  is  looking  for  IT  pro¬ 
fessionals  to  design  software 
and  computer  systems  to  meet 
project  requirements.  Candi¬ 
dates  must  have  BS/MS  degree 
plus  experience  in  the  computer 
field.  We  are  small  but  stable. 
Travel  maybe  required.  Please 
send  resumes  to  ioh@emera 
techinc.com.  EOE. 


Software  Engineer.  Develops 
and  maintains  software  algo¬ 
rithms  for  Image  Analysis, 
Pattern  Recognition.  Decision 
Making  and  other  related  intelli¬ 
gent  processes.  Performs  sys¬ 
tem  level  object-oriented  pro¬ 
gramming  under  Microsoft 
Windows  XP  and  develops 
application  software  for  the  com¬ 
pany's  X-ray  inspection  sys¬ 
tems.  Require  a  master  degree 
in  computer  science  or  a  related 
field  plus  2  yr.  exp.  on  job 
offered  or  2  yr.  exp.  in  a  related 
field.  Apply  to:  YesTech,  Inc., 
1221  Puerta  Del  Sol,  Suite  500, 
San  Clemente,  CA  92673.  Attn: 
Owen  Sit. 


Quality  Control 
Informatics  Specialist  IV 

Boehringer  Ingelheim  Vetmedi- 
ca,  Inc.  has  an  immediate  open¬ 
ing  in  its  Elwood,  Kansas  facility 
for  the  position  of  Quality  Con¬ 
trol  Informatics  Specialist  IV. 

Responsible  for  supporting  the 
Company's  manufacturing.  R&D 
and  technical  services  through 
quality  control  and  troubleshoot¬ 
ing  analytical  methodology  (wet 
chemistry,  chromatography  and 
spectroscopy),  and  for  designing 
storage,  retrieval,  sharing  and 
optimal  use  of  manufacturing/ 
release  information  and  data. 

Must  possess  a  master's  degree 
or  equivalent  in  Computer  Sci¬ 
ence  or  a  related  field  and  a 
master's  degree  or  equivalent  in 
Chemistry,  or  a  related  field  and 
relevant  work  experience.  Ex¬ 
perience  with  analytical  chem¬ 
istry  (chromatography,  spec¬ 
troscopy,  wet  chemistry),  pro¬ 
gramming  with  C++.  VB  and 
VBA,  database  systems  with 
Oracle  and  MS  access,  Win¬ 
dows  operating  system,  includ¬ 
ing  2000  server,  and  TCP/IP  net¬ 
working  and  information  security 
is  required. 

Resume  and/or  cover  letter 
must  reflect  each  requirement 
above  and  specify  reference 
code  AD-GCD/GC0204  or  it  will 
be  rejected. 

Forward  resume  to  Bl  Staffing 
Center,  PO  Box  534,  Waltham, 
MA  02454. 


Software  Engineers  needed. 
Seeking  qual.  candidates  pos¬ 
sessing  MS  or  equiv.  and/or  rel. 
work  exp.  Part  req.  exp.  must 
includ  2  yr  working  w/  Java. 
Exp.  working  in  healthcare 
industry  preferred.  Duties  in¬ 
clude:  Design,  develop,  test  & 
debug  software;  Analyze  & 
define  customer  req.,  Deploy/ 
debug  applications  on  various 
customer  location.  Program/ 
code  using  Java  &  Oracle  on 
MS  Windows  Platforms.  Send 
res.  ref.  &  sal.  req.  to  Arrendale 
Associates,  20484  G  Chartwell 
Center  Dr.,  Cornelius,  NC 
28031. 


Applications  Engineers  needed 
for  our  Livermore,  CA  office. 
Seeking  qual.  candidates  pos¬ 
sessing  MS  or  equiv.  in  Comp 
Sci.  or  related  field,  and/or  rel 
work  exp.  Part  of  the  req.  rel. 
work  exp.  must  include  1  yr 
working  w/  Oracle  &  ColdFus¬ 
ion.  Duties  include:  Develop, 
design  &  code  web  applications; 
Analyze  &  design  databases; 
Administer  ColdFusion  applica¬ 
tions  &  web  services.  Work  w/ 
Oracle,  ColdFusion,  PL/SQL,  & 
Java.  Send  res.,  ref.  &  sal.  req. 
to  itradenetwork,  Inc.  at  hr@ 
itradenetwork.com.  No  Phone 
calls. 


Systems  Analyst/ASIC  Designer /CAD 
Engineer  Analyzes  user  requirements, 
procedures  and  problems  to  automate 
processing  or  to  upgrade  existing  com¬ 
puter  system.  Bachelor's  degree  in 
Computer  Science,  Engirveering  or 
math  related  and  2  yrs  of  exp  in  job 
offered  required.  Included  in  those  2 
yrs  must  have  2  yrs  experience  with  C, 
C++  programming  languages.  Should 
be  able  to  do  RTL  coding,  timing  analy¬ 
sis,  formal  verificatxm,  ATPG  internal 
scan,  spice  simulations,  package  de¬ 
signing  for  a  chip  and  2  yrs  experience 
wfffi  UNIX.  MSDOS  and  Windows95 / 
98/NT  operating  systems.  Must  be 
able  to  travel.  $90,00Q/yr.  Apply  by 
resume  only  to  HR  Dept  Time  To 
Market.  Inc.,  560  S  Winchest-er 
Boulevard,  suite  304,  San  Jose.  CA  - 
95128.  (1  position). 


ASSOCIATE  (IMPLEMENTA¬ 
TION  ANALYST);  Will  develop 
and  implement  customized  soft¬ 
ware  solutions  for  utility  or  ener¬ 
gy  industry  clients  for  billing,  set¬ 
tlement,  customer  information 
and  other  systems.  Will  play  crit¬ 
ical  role  in  configuring  and 
selecting  software  to  provide  the 
most  efficient  operation.  Will 
advise  client  through  the  imple¬ 
mentation  project  and  train  the 
client  in  the  use  of  the  cus¬ 
tomized  software.  Will  travel  to 
customer  sites  throughout  North 
America  and  the  United 
Kingdom.  Will  support  sales, 
product  marketing,  and  engi¬ 
neering  teams  in  the  sale,  deliv¬ 
ery,  and  installation  of  leading 
proprietary  software.  Will  assist 
in  development  of  sales  strategy 
and  will  attend  trade  shows  as 
company  representative  Dem¬ 
onstrated  expertise  supporting 
software  sales  including  cus¬ 
tomization  and  implementation 
of  software  products  and 
demonstrating  and  implement¬ 
ing  software  products  for  the 
energy/utility  industry.  Frequent 
domestic  and  international  trav¬ 
el.  Requirements:  B.S./B.A.  (or 
equiv)  in  CS,  MIS,  or  related 
field  (or  as  part  of  Business 
Management  or  Administration 
program)  and  two  (2)  years  of 
experience  in  the  job  offered  or 
two  (2)  years  experience  in  the 
related  occupation  of  System 
Analysis,  Implementation,  or 
Software  Product  Support.  Also, 
demonstrated  expertise  support¬ 
ing  software  sales  including  cus¬ 
tomization  and  implementation 
of  software  products  and 
demonstrating  and  implement¬ 
ing  software  products  for  the 
energy/utility  industry.  Frequent 
domestic  and  international  trav¬ 
el.  Offered  salary  is  $  75,000/ 
year  for  full-time  employment 
(min.  40  hours  per  week)  and 
standard  company  benefits 
EEO.  Submit  2  resumes  and 
respond  to  Case  No. 
200300024,  Division  of  Career 
Services,  Labor  Certification 
Unit,  19  Staniford  Street,  1st 
Floor,  Boston,  MA  02114 


mPower  Software  Services  has 
opening  for  Financial  Analyst. 
Duties  will  include  but  will  not  be 
limited  to  analyzing  financial 
records  to  determine  operating 
resources,  analyze  financial  and 
business  results,  estimate  future 
revenues  and  expenditures.  A 
degree  is  required.  Opening 
also  for  Business  Analyst  to 
work  with  software  professionals 
to  identify  alternatives  and  solu¬ 
tions,  evaluate  business  re¬ 
quests  for  feasibility.  We  will 
accept  foreign  equiv.  of  the 
required  educ.  and/or  its  equiv. 
in  edu.  and  experience.  Compe¬ 
titive  salaries  offered.  Apply  to: 
recruiting@mpowerss.com  or 
mPower  Software  Services, 
17295  Chesterfield  Airport  Rd. 
Suite  241,  Chesterfield,  MO 
63005. 


Systems  Analyst:  Analyzes 
user  requirements,  procedures 
and  problems  to  automate  pro¬ 
cessing  or  to  upgrade  existing 
computer  system.  Bachelor's 
degree  in  Computer  Science 
Engineering  or  math  related 
and  2  yrs  exp.  in  job  offered 
required.  Included  in  those  2yrs 
must  have  2  yrs  exp.  with  C, 
C++  programming  languages 
and  2  yrs.  exp  UNIX,  MSDOS 
and  Windows95  operating  sys¬ 
tems.  Must  be  able  to  travel. 
$90,000/yr.  Apply  by  resume 
only,  to  HR  Dept,  Time  To 
Market,  Inc.,  560  S  Winchester 
Boulevard,  Suite  304,  San 
Jose ,  CA  -  95128.  (3  positions;.} 
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and  executive  forums  worldwide, 
including  our  one  day  Technology  Tours, 
customized  on-site  training,  and  executive  forums  such  as  DEMO®, 
DEMOmobile®,  and  VORTEX,  as  well  as  the  DEMOIetter  and  VORTEX 
Digest  newsletters.  For  complete  information  on  our  current  seminar 
offerings,  call  us  at  800-643-4668  or  go  to  www.nwfusion.com/events. 


Publicize  your  press  coverage  in 
Network  World  by  ordering  reprints  of 
your  editorial  mentions.  Reprints 
make  great  marketing  materials  and 
are  available  in  quantities  of  500  and 
up.  To  order,  contact  Reprint 
Management  Services  at  (717)  399 
1900  x129  or  E-mail:  mshober@reprintbuyer.com. 
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e-business,  and  a  net-centric 
company”  says  Allen  Ballinger, 
manager  of  distributed  network 
integration  at  Boeing.  “We  have 
fewer  people  in  the  company, 
but  they  are  accomplishing 
more  via  our  network-enabled 
environment.” 

Boeing’s  network  consists  of 
hundreds  of  LANs,  an  extranet 
for  linking  to  partners,  and  three 
main  data  centers  in  the  Mid¬ 
west,  Pacific  Northwest  and 
Southern  California.  An  OC-48 
SONET-based  metropolitan-area 
network  also  runs  across  manu¬ 
facturing  facilities  in  Puget 
Sound, Wash. 

For  higher  bandwidth  and 
more  flexibility  in  traffic  routing, 
Boeing  last  year  moved  to  a 
nationwide  ATM  service  from 
Sprint,  running  MPLS  VPN  links 
on  top  of  the  OC-1  and  OC-3 
pipes.  Boeing  previously  tied 
offices  together  with  T-3  frame 
relay  circuits  leased  through  var¬ 
ious  providers. 

MPLS  lets  the  company  run  IP 
traffic  securely  through  a  public 
network  with  the  same  reliability 
as  a  dedicated  point-to-point  cir¬ 
cuit.  Because  MPLS  is  a  routable 
protocol,  it  has  the  ability  to  re¬ 
route  if  one  path  is  blocked. 
Using  MPLS  in  an  enterprise- 
class  network  is  not  unheard  of, 
experts  say  —  especially  one  the 
size  of  Boeing’s. 

“1  look  at  the  network  now  as  a 


ubiquitous  services  network,” 
says  James  Farricker,  technical 
fellow  and  chief  engineer  of 
Boeing’s  IntraNet  computing 
and  network  operations.  The 
idea  is  to  make  any  IT  service 
used  by  an  employee  “just 
another  layer  on  top  of  the  com¬ 
mon  services  network.” 

MPLS  ensures  that  network  ser¬ 
vices  such  as  voice,  video  and 
data  are  delivered  with  high 
quality  and  low  latency  MPLS 
tags  traffic  with  eight  priority 
quality-of-service  (QoS)  levels, so 
that  time-sensitive  packets  are 
routed  the  quickest,  Farricker 
says.  MPLS  allows  tagged  traffic 
to  move  more  quickly  through 
the  network,  routing  around  con¬ 
gestion  or  downed  links. 

The  network  now  connects 
facilities  in  48  states  and  170 
countries,  and  averages  12  peta¬ 
bytes  of  voice  and  data  traffic 
per  month.  Although  expansive 
in  scale,  Boeing  has  reduced  its 
cost  per  terabit  for  managing  the 
network  by  40%  over  the  last 
three  years. 

Farricker  cites  the  consolida¬ 
tion  of  network  services  and 
security  at  the  edge,  and  strin¬ 
gent  management  of  network 
equipment  as  two  keys  for 
reducing  network  operational 
costs. 

“Our  connections  to  the  out¬ 
side  world  used  to  be  complex, 
to  say  the  least,”  he  says. 

At  one  time,  Boeing  had  13 
connections  to  NASA  that  were 
managed  by  several  groups.  ISP 
connections  also  were  spread 
widely  throughout  various  facili¬ 
ties.  Each  link  in  or  out  was  a 


Boeing's  secure  edge 


An  MPLS-based  ATM  backbone  ensures  that  network 
services  such  as  voice,  video  and  data  are  delivered  with 
high  quality  and  low  latency  across  Boeing’s  three  rricuor 
secure  POPs  in  the  U.S. 


Pacific  Northwest  POP 


potential  security  hole  and  man¬ 
agement  issue,  Farricker  adds. 

Now  the  network  resembles  a 
medieval  walled  city  with  only 
three  large  gateways  in  and  out. 
These  security  points  of  pres¬ 
ence  hold  dozens  of  high-speed 
firewalls, VPN  concentrators  and 
packet  filters  from  Cisco,  Juniper 
and  other  vendors.  Carrier-grade 
Cisco  12000  series  in  the  three 
perimeter  POPs  anchor  the  net¬ 
work  wall  and  link  the  company 
to  its  three  main  ISPs. 

Users  inside  Boeing  can  get 
out  only  through  these  three 
POPs.  This  helps  Boeing  control 
what  comes  in  and  goes  out  of 
the  network. 

Because  the  perimeters  are 
linked  via  MPLS  label-switched 
paths,  the  network  allows  for 
failover  to  an  alternative  ISP  and 


Keeping  Cisco  I0S  under  control 


One  of  the  major  challenges  in  running 
Boeing’s  predominantly  Cisco-based 
WAN  and  LAN  infrastructures  is  man¬ 
aging  IOS  router  and  CatOS  switch  software 
across  tens  of  thousands  of  network  devices. 

“There  is  a  concentrated  effort  to  limit  the 
variations  of  Cisco  lOSs  and  CatOS  on  the 
Boeing  network,  and  we’ve  made  significant 
progress,"  says  James  Farricker,  technical 
fellow  and  chief  engineer  of  Boeing's  IntraNet 
computing  and  network  operations. 

Managing  IOS  on  routers  became  a  messy 
task  as  Boeing  began  consolidating  its  IT 
assets  when  it  bought  Rockwell  International 
in  1996  and  McDonnell  Douglas  in  1997.  Often, 
iy  two  routers  talking  to  each  other  could 
versions  several  years  apart 


d 

have  had  K 
with  widely 


hard  tc 


different  feature  sets.  Farricker 
iations  of  IOS  software  made  it 
"antee  service  levels  and  perfor¬ 


mance,  but  the  company  has  rectified  that 
situation. 

Now  Boeing's  network  test  lab  emulates  all 
the  company’s  network  environments.  "Instead 
of  the  classic  canned  approach  to  network 
architecture,”  with  access,  distribution  and 
core,  Boeing  defines  its  network  in  technology 
tracks."  These  include: 

•  LAN  switching  (edge  access). 

•  LAN  routing  (distribution,  core). 

•  Metropolitan-area  networks. 

•  WAN  (national  backbone). 

•  Partner  services  (extranet). 

•  Remote  access  services. 

Any  new  IOS  code  is  tested  in  Boeing's  lab 
to  ensure  the  software  meets  the  require¬ 
ments  of  any  of  the  specific  network  layers 
where  it  will  run.  The  code  also  is  tested  for 
interoperability  with  older  IOS  images. 

—  Phil  Hochmuth 


©  Cisco  routers  connect  to  ISPs 
and  security  hardware 
provides  authentication, 
packet  inspection  and  VPN 
tunneling  to  outside  partners. 

©An  MPLS-based  ATM 
backbone  links  corporate 
sites  in  a  meshed  WAN,  with 
no  single  point  of  failure. 

©  Secure  POPs  are  linked  via 
MPLS  routes,  allowing 
inbound  and  outbound  traffic 
to  switch  over  to  another  site 
in  case  of  network  congestion 
or  outages. 


WAN  link  if  a  provider’s  connec¬ 
tion  is  down,  or  if  inbound/out¬ 
bound  traffic  spikes  at  one  of  the 
POPs. 

“This  allows  us  to  keep  alive  a 
24-7  network  for  our  partners,” 
Farricker  says. 

“Making  it  easier  for  partners  to 
work  with  Boeing  over  the  net¬ 
work”  is  crucial,  Farricker  says, 
given  the  company’s  collabora¬ 
tive-style  of  airplane  design.  For 
example,  only  35%  of  the  next- 
generation  7E7  airliner  design 
was  done  inside  Boeing;  a  little 
less  than  two-thirds  of  the  aircraft 
was  designed  by  partners  in  the 
U.S.  and  Japan. 

With  this  secure  wall  around 
the  company  and  flexible,  high¬ 
speed  pipes  within,  Boeing’s  IT 
group  continually  adds  new  ser¬ 
vices  to  improve  productivity 
and  cut  costs. 

“Our  goal  was  to  build  a  net¬ 
work  that  lets  employees  design 
from  anywhere  and  build  from 
anywhere  over  a  common  set  of 
network  services,”  Ballinger  says. 

A  major  services  effort  involves 
the  deployment  of  VoIP  and  IP 
telephony  to  targeted  areas  in¬ 
side  the  company 

“We  envision  voice  as  more  of 
an  application,”  Ballinger  says. 
“This  is  a  simplistic  way  to  say  it, 
but  we’d  like  voice  to  run  like 
e-mail  —  as  an  application  run 
on  a  desktop  with  a  server  in  the 
back  end.” 

Boeing  used  its  IP  WAN  to 
trunk  lines  from  circuit-switched 
PBXs  across  its  network.  This 
saves  several  million  dollars  a 
year  by  eliminating  dedicated 
voice  tie  lines  between  compa¬ 
ny  headquarters  in  St.  Louis  and 
the  Pacific  Northwest  facilities  in 
Puget  Sound. 


The  company  also  is  pushing 
VoIP  to  the  desktop.  Around 
50,000  desktop  phones  in  Boe¬ 
ing’s  engineering  and  adminis¬ 
trative  offices  are  targeted  for  an 
upgrade  to  VoIP  over  the  next 
five  years.  Approximately  9,000 
Cisco  IP  phones  are  deployed. 

“It’s  a  case-by-case  basis,” 
Farricker  says  of  the  IP  phone  de¬ 
ployments.  “We’re  not  going  to 
replace  existing  TDM  technolo¬ 
gies  that  still  have  life  in  them.” 

Boeing  still  uses  hundreds  of 
distributed  circuit-switched 
PBXs,  including  a  Lucent  5ESS 
carrier  switch,  in  its  Pacific 
Northwest  campus.  (At  one  time, 
Boeing’s  phone  network  was 
equal  to  the  17th-largest  U.S. 
phone  company) 

Boeing  hosts  clusters  of  Cisco 
CallManager  IP  PBXs  from  its 
three  data  centers.  Employees 
also  use  Cisco  softphone  clients 
on  laptops  for  teleworking  over 
cable  modems  and  VPN  tunnels. 

Farricker  says  running  voice  as 
a  centralized  application  from 
the  data  center  will  be  simpler  to 
manage  than  having  hundreds 
of  PBXs  across  the  company  The 
benefits  of  mobility  (such  as  soft- 
phones  on  laptops)  and  the 
advanced  messaging  applica¬ 
tions  VoIP  brings  also  are  drivers 
for  the  technology 

“If  an  employee  can  go  any¬ 
where  inside  Boeing  and  keep 
the  same  voice  and  messaging 
presence,  that’s  a  valuable  capa¬ 
bility’  Farricker  says. 

Challenges  in  rolling  out  IP 
phones  will  include  a  major 
overhaul  of  Boeing’s  wiring  clos¬ 
et  switches  in  many  facilities. 

“There  are  still  a  lot  of  Catalyst 
5000s  out  in  closets  that  don’t 
support  QoS  to  the  desktop,  or 
power  over  Ethernet,”  Farricker 
says. These  features  are  essential 
for  guaranteeing  voice  quality, 
and  for  ensuring  phone  surviv¬ 
ability  in  case  of  blackouts. 
“When  you  wrap  in  that  cost,  it 
becomes  a  hurdle”  to  deploy 
VoIP  at  older  facilities.“We  will 
have  to  refresh  almost  every¬ 
thing”  in  those  buildings  to  sup¬ 
port  IP  phones. 

Boeing  also  has  experienced 
scaling  issues  with  the  Cisco  IP 
PBXs  because  its  IP  phone  ambi¬ 
tions  are  larger  than  most  corpo¬ 
rations’.  Farricker  says  Boeing  is 
working  with  Cisco  on  ways  to 
better  distribute  the  CallManager 
clusters  to  handle  up  to  50,000 
users.  ■ 
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Sensors 

continued  from  page  10 


Sensor  nets  go  wireless 


Advances  in  silicon  and  wireless  network  technologies  are  letting  companies  cut  the 
cords  on  their  sensor  networks,  which  are  used  for  tracking  everything  from  fire 
extinguishers  to  heating  systems.  Wireless  deployments  hold  out  the  promise  of  more 
flexible  architectures,  lower  cost  and  faster  setup. 


Sample  sensors: 

•  Vibration 

•  On/off 

•  Temperature 

•  Motion 

•  Pressure 


i. T 

Sensor 

Wireless 

radio 

Radio: 

•  Low  power. 

•  Silicon  based  on  proprietary  or  IEEE  802.14.5  technology. 

•  30  to  200-foot  range;  can  be  amplified. 

•  Network  software  based  on  proprietary  or  pending  ZigBee  spec. 


•  Legacy  control  systems 

•  IP  LANs  or  1 

•  Internet 


Cisco  to 
fight  worms 

B  BY  ELLEN  MESSMER 

Cisco  and  Trend  Micro  this 
week  plan  to  announce  a  part¬ 
nership  under  which  Cisco  will 
improve  its  routers,  switches 
and  firewalls  with  Trend’s  worm¬ 
blocking  technology 

Trend  Micro,  which  uses  the 
technology  in  its  own  VirusWall 
product,  plans  to  make  its  signa¬ 
ture-based  worm-blocking  tech¬ 
nologies  available  in  Cisco  prod¬ 
ucts  by  the  third  quarter.  Cisco 
says  the  technology  initially  will 
fit  into  its  intrusion-detection 
code  base  and  be  used  to  stop 
network  worms  that  take  advan¬ 
tage  of  software  vulnerabilities. 
Trend  Micro  will  supply  updates, 
which  will  be  managed  via 
CiscoWorks  and  other  Cisco 
management  tools. 

The  agreement  sets  the  stage 
for  broader  technology  integra¬ 
tion  later  under  which  Cisco 
plans  to  bring  Trend’s  policy- 
based  anti-virus  response  and 
remediation  technologies  into 
its  gear. 

The  arrangement  between 
Cisco  and  Trend  Micro  is  facil¬ 
itated  by  the  fact  that  there  is  lit¬ 
tle  direct  competition  between 
the  companies.  That’s  not  the 
case  with  Cisco  and  security  ven¬ 
dors  Network  Associates  and 
Symantec,  the  only  anti-virus  ven¬ 
dors  bigger  than  Trend  Micro. 

“There  is  very  little  overlap 
when  we  go  to  our  customers 
jointly  on  this,”  says  Tom  Russell, 
director  of  product  management 
for  VPN  and  security  products 
at  Cisco. 

In  other  Cisco  security  news, 
the  company  last  week  outlined 
its  technology  and  pricing  strat¬ 
egy  for  a  new  version  of  the  Fire¬ 
wall  Services  Module,  which  has 
been  free  for  use  in  Catalyst  6500- 
series  switches. 

Cisco,  which  introduced  the 
firewall  services  module  hard¬ 
ware  about  18  months  ago  with 
periodic  six-month  upgrades, 
now  will  begin  licensing  it,  start¬ 
ing  at  $12,500  for  a  20  virtual-fire 
wall  license.  This  pricing  is 
intended  for  Version  2.2. 

The  module  can  be  deployed 
and  configured  through  any  of 
three  Cisco  management  con¬ 
soles  so  that  network  managers 
can  establish  logical  firewalls 
between  Catalyst  switching 
points.  ■ 


deliberate  pace  of  deployment. 

Building-automation  vendor 
Andover  Controls  in  Andover, 
Mass.,  has  created  wireless  sen¬ 
sors  based  on  hardware  and 
software  from  Ember.  Andover  is 
working  with  an  unnamed  man¬ 
ufacturer  to  add  the  sensors  to 
air  conditioners.  With  an  option¬ 
al  motion  detector,  also  wire¬ 
less,  a  hotel  chain  could  tell 
when  guestrooms  are  empty 
and  turn  down  heating  or  cool- 
ing.That  could  save  hundreds  of 
thousands  of  dollars  across  the 
chain  because  hotels  could  bet¬ 
ter  manage  electrical  use  dur¬ 
ing  daylight  hours  when  rates 
are  highest,  says  David  Craven, 
Andover’s  director  of  OEM 
sales. 

Philips  Lighting  Electronics 
plans  to  launch  this  fall  two  or 
three  customer  beta  tests  for  fluo¬ 
rescent  light  fixtures  fitted  with 
wireless  sensors.  A  pilot  network 
at  the  company’s  Rosemont,  Ill., 
headquarters,  collected  sensor 
data  that  can  be  used  to  see 
whether  lights  are  on  or  off,  mon¬ 
itor  energy  usage  and  diagnose 
the  lamp’s  performance,  accord¬ 
ing  to  James  Sekinger.the  compa¬ 
ny’s  director  of  business  develop¬ 
ment  for  digital  systems.  Product 
shipments  are  planned  for  early 
next  year. 

Tyco  Thermal  Controls  is  ad¬ 
ding  sensor  nodes,  up  to  about 
300,  to  stress  test  a  small  pilot 
wireless  network  in  one  of  its 
manufacturing  plants,  says  Ken 
McCoy,  general  manager  of  the 
firm’s  electronics  business  unit 
in  Menlo  Park,  Calif.  The  com¬ 
pany  makes  pipe  heating  sys¬ 
tems,  which  look  like  wide 
bands  of  tape  wrapped  around 
the  pipe’s  length.  The  sensors 
measure  temperature  data  in 
industrial  pipes,  and  pass  the 
data  wirelessly  to  a  control  panel 
where  the  heaters  can  be  turned 
on  or  off.  Tyco  plans  to  start  sev¬ 
eral  customer  beta  tests  in  the 
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next  two  to  three  months. 

“I’m  replacing  wire  that  [in 
industrial  sites]  may  be  $10  per 
foot,”  McCoy  says.  “For  50  feet  of 
wire,  that’s  $500.  Wireless  sensors 
won’t  make  for  a  breakthrough  in 
capabilities,  but  we’ll  be  able  to 
install  these  systems  much  less 
expensively’ 

The  Tyco  project  has  taken 
longer  than  expected,  even 
though  Tyco’s  goal  was  simply  to 
replace  the  wired  connection  and 
preserve  the  same  data  inputs  to 
its  stand-alone  control  panel. 
Ember’s  hardware  and  software 
ran  reliably  with  adequate  perfor¬ 
mance  at  915  MHz  and  2.4  GHz 
out  of  the  box,  McCoy  says. 

But  the  Tyco  engineers  had  to 
do  some  rethinking  about  how 
to  structure  the  network  and 
how  to  relate  the  sensor  nodes 
to  the  Tyco  control  panels.  “We 
thought  [the  sensor  network] 
would  map  to  our  current  prac¬ 
tices,”  McCoy  says.  “We  almost 
reversed  our  traditional  way  of 
thinking  about  the  net.” 

Instead  of  the  control  panel 
requesting  data  from  a  given  sen¬ 
sor,  now  the  sensor  is  the  initiator. 
In  effect,  the  sensor  searches  for 
control  panels  that  want  to  “con¬ 
sume”  its  data,  and  then  sub¬ 
scribes  to  that  controller’s  “con¬ 
sumption  service.” 

Interfacing  with  networks  com¬ 
plicates  the  picture  even  more, 
and  little  work  has  been  done  on 
that.  Accenture  Technology  Labs, 
the  Palo  Alto  research  and  devel¬ 
opment  arm  of  the  Accenture 
consulting  and  technology  ser¬ 
vices  firm,  built  a  pilot  wireless 
sensor  network  to  study  how 
such  networks  can  be  integrated 
with  enterprise  networks. 

Early  this  year  Accenture  set  up 
sensors  to  monitor  soil  condi¬ 
tions,  temperatures  and  rainfall  at 
Pickberry  Vineyard,  a  small 


California  grower  of  premium 
grapes  for  wine.  Accenture  used 
hardware  and  software  from 
Millennial  Net.  “The  core  activity 
of  setting  up  the  wireless  net  was 
relatively  easy:  just  take  it  out  of 
the  box,  turn  it  on,  and  then  start,” 
says  William  Westerman,  an  asso¬ 
ciate  partner  at  the  labs. 

But  the  sensors  were  often 
power-hungry  so  data  polling  and 
transmission  had  to  be  fine-tuned 
not  to  exhaust  their  batteries. 
They  also  could  be  finicky  being 
jammed  3  feet  into  the  ground. 
While  the  network  proved  reli¬ 
able  over  the  five  months  of  test¬ 
ing,  there  were  rare  losses  of  a 
given  sensor’s  signal. 

The  data  was  fed  over  the  mesh 
network  to  the  Millennial  Net 
gateway  which  was  equipped 
with  a  cellular  network  card,  for 
transmission  to  a  server  on  the 
labs’  Palo  Alto  network.  There  the 
data  was  stored  in  a  database  and 
then  converted  into  Web  services, 
Web  pages  or  input  into  Excel 
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databases. 

Westerman  says  enterprise  net¬ 
work  executives  need  to  think 
about  creating  multi-level  sensor 
and  RFID  networks.  Sometimes  a 
vineyard  node  would  send  a 
false  reading,  for  example,  air 
temperature  at  300  degrees.  “We 
added  a  rule  at  the  gateway  to  fil¬ 
ter  out  readings  that  were  obvi¬ 
ously  wrong,  rather  then  transmit 
this  data  all  the  way  back  to  our 
server;”  he  says. 

Some  data  aggregation  will  be 
needed  at  the  level  of  the  sensor 
network.  Instead  of  30  tempera¬ 
ture  sensors  in  a  warehouse  all 
sending  back  the  same  reading, 
group  them  into  zones,  and  send 
back  one  data  point,  such  as 
“Zone  A,  72  degrees.” 

The  best  way  to  tackle  these 
issues,  Westerman  says,  is  the 
old-fashioned  way:  create  a 
pilot,  bring  in  a  development  kit 
from  one  or  more  of  the  ven¬ 
dors  and  create  your  own  sen¬ 
sor  network.  ■ 
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Mark  Gibbs 


Worrying  about  the  ‘Seven  Ugly  Dwarves' 


couple  of  weeks  ago  I  wrote 
about  my  worries  (see  www.nw 
fusion.com,  DocFinder:  2344), 
and  my  last  worry  was  what  malware 
might  be  lurking  in  our  e-mail 
archives. 

To  recap:  When  I  recently  tested  a 
new  email  indexing  tool,  it  opened 
messages  and  their  attachments  that  I  had  filed 
away  unopened  or  deleted  but  not  purged.  In  the 
process,  the  indexer  turned  up  a  treasure  trove  of 
viruses  and  worms  that  for  one  reason  or  another 
my  anti-virus  system  had  not  caught. 

This  led  me  to  worry  about  the  scale  of  this  prob¬ 
lem  in  the  business  world  —  these  stock  piles  not 
only  act  as  a  pool  of  latent  infection  that  periodically 
will  be  disturbed,  cause  problems  and  cost  money 
but  their  existence  means  that  malware  never  will  be 
eradicated  completely  A  big  worry  indeed.  Well,  I  just 
heard  of  a  bigger  liability  that  lurks  in  your  messag¬ 
ing  systems:  old  message  content. 

I  chaired  a  couple  of  sessions  last  week  at  the 
Inbox  conference  in  San  Jose,  and  one  of  the  other 
sessions  1  attended  was  titled  “The  Email  Comedy 
Club:  Membership  Details.”The  speakers  were  Joan 
Feldman,  president  of  Computer  Forensics,  and 
Elizabeth  Charnock,  CEO  of  Cataphora. 

These  companies  specialize  in  electronic  discovery 


—  the  art  and  science  of  analyzing  corporate  data 
and  email  for  legal  cases.  What  struck  me  first  was 
the  scale  of  the  work  they  get  involved  in,  compiling 
and  processing  terabytes  of  data  and  building  up  a 
picture  of  what  was  said,  by  whom,  how  it  was  said, 
what  was  not  said  and  when  these  events  happened. 

But  wow!  The  dumb  things  people  put  in  e-mail. 
Charnock  groups  the  dumb  messages  into  cate¬ 
gories,  what  she  calls  the  “The  Seven  Ugly 
Dwarves”:  freaked  out,  angry  conspiratorial,  confes¬ 
sional,  friendly  advice,  personal  and  confused. 

A  few  of  Chamock’s  examples  are  worth  citing, 
such  as  this  freaked  out  message:“It  is  all  hopeless.lt 
can’t  be  done.  We  have  to  let  the  client  know  we 
can’t  deliver  on  this  contract.There  are  too  many 
risks  of  defects.”  Charnock  points  out  that  this  could 
be  a  tired,  frustrated  employee  letting  off  steam,  or  it 
might  be  a  whistle-blower  indicating  a  real  problem. 

Or  how  about  implied  conspiratorial  exchanges: 
10:23  a.m.,  Joe  to  Jane: “The  stock  will  be  going  up 
by  at  least  20%  tomorrow.  Don’t  tell  anyone.” 

Followed  by  10:39  a.m.,  Jane  to  Jill:“Meet  me  in  the 
cafeteria  in  10  minutes.” 

Friendly  advice  can  be  revealing:“If  the  auditors 
find  real  problems,  there  could  even  be  a  criminal 
issue.This  is  very  serious  stuff.You  really  need  to  look 
into  this  yourself.”  As  Charnock  pointed  out,  this  help¬ 
ful  friend  just  removed  the  excuse  of  ignorance. 


Then  there  are  the  personal  messages:“I  had  the 
most  amazing  LSD  trip  last  night.  It  changed  my  life.  I 
want  to  tell  you  all  about  it.” Charnock  says  that  this 
was  the  beginning  of  a  real  sequence  of  messages 
that,  as  you  might  imagine,  would  not  be  the  sort  of 
thing  you’d  want  floating  around  your  messaging 
archives  waiting  to  become  part  of  a  discovery 
process. 

The  thing  that  Charnock  and  Feldman  vigorously 
promoted  was  the  need  for  corporate  policies  on 
acceptable  e-mail  use  and  e-mail  retention.  In  a  sub¬ 
sequent  discussion  it  became  apparent  that  the 
majority  of  companies  they  deal  with  either  fail  to 
create  such  policies  or,  if  they  do,  fail  to  make  them 
work. 

An  acceptable-use  policy  is  crucial  because  peo¬ 
ple  simply  don’t  write  carefully  As  Charnock  pointed 
out,  e-mail  is  a  significant  risk  as  it  is  intimate,  diary¬ 
like,  often  dashed  off  quickly  informal,  heavily  con¬ 
text-dependent  stream  of  consciousness  and  has 
become  a  de  facto  means  of  business  communica¬ 
tion.  It  is  also  self-propagating,  and  there’s  a  false  pre¬ 
sumption  of  safety  in  volume. 

Next  week  well  discuss  corporate  e-mail  AUPs  and 
retention  policies.  In  the  meantime,  how  have  you 
addressed  these  issues?  'Fess  up  to  backspin@ 
gibbs.com. 
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News,  insights,  opinions  and  oddities 


By  Paul  McNamara 


Have  you  ever  read  one  of  those 
reader-submitted  movie  reviews  online 
and  asked  yourself:  “Who  cares  what 
these  chuckleheads  think?  Anyone  with  a  browser  and  too  much  time  can  play 
film  critic." 

Well,  here’s  who  should  care:  Movie  studio  executives  who  want  to  know  with  a 
high  degree  of  certainty  how  their  just-released  picture  stands  to  fare  at  the  box 
office  —  and  take  appropriate  business  action  before  it’s  too  late. 

In  fact,  any  business  that  depends  on  word  of  mouth  —  the  film  industry  being 
perhaps  the  best  example  —  should  consider  the  powerful  predictive  potential  of 
Internet  forums,  says  MIT  professor  Chris  Dellarocas,  who  has  conducted  an 
analysis  of  reader  reviews  submitted  toYahooMovies  and  Amazon.com’s  Internet 
Movie  Database. 

What  Dellarocas  and  his  fellow  researchers  demonstrated  goes  beyond  the 
obvious  supposition  that  movies  generating  positive  ’Net  chatter  likely  will  do 
better  than  those  that  get  torched.The  study  uses  a  control-group  survey  and 
statistical  analysis  of  copious  data  to  show  that  amateur  reviews  and  rankings  in 
the  first  week  of  a  film’s  release  actually  can  predict  the  picture’s  long-term  per¬ 
formance,  not  merely  influence  the  ticket-buying  decisions  of  those  who  read 
them.  (Access  the  study  at  www.nwfusion.com,  DocFinder:  2335.) 

“Even  though  we  cannot  claim  generality,  this  finding  supports  the  viewpoint 
that  online  forums  are  emerging  as  a  valid  alternative  source  of  information  to 
mainstream  media,  replacing  our  societies’  traditional  reliance  on  the  ’wisdom  of 
the  specialist’  by  the  ’knowledge  of  the  many,’"  the  report  says. 

The  bottom  iine:  A  studio  that  sees  a  blockbuster  brewing  in  its  analysis  of 
first-week  online  reviews  could  broaden  the  film’s  distribution  and  crank  up  mar¬ 
keting,  while  those  seeing  a  flop  would  have  a  chance  to  cut  their  losses. 

The  study  also  highlights  the  potential  for  corporate  mischief,  given  that  these 


review-and-ranking  sites  are  forums  for  what  is  essentially  anonymous  opining. 

“Manipulation  of  forums  will  become  some  sort  of  arms  race  between  studios," 
Dellarocas  says.  "They  will  all  feel  compelled  to  do  some  of  it,  in  order  not  to  be 
outdone  by  their  competitors.” 

However,  he  sees  the  risk  to  consumers  as  being  minimal. 

"Even  though  there  will  be  some  inflation  of  ratings  across  the  board,  trained 
consumers  —  i.e.,  consumers  who  have  been  reading/participating  in  those 
forums  for  a  while  and  are  familiar  with  their  norms  —  will  not  be  fooled,"  he  says. 

While  I  can’t  say  I  share  that  level  of  confidence  in  consumer  cbmpetence,  there 
should  be  no  doubt  that  the  studios  will  test  the  theory. 

The  study  also  acknowledges  that  analysis  of  first-week  online  reviews  is  not  as 
accurate  a  predictor  of  ultimate  performance  for  all  movies.  In  particular,  the 
study  kicked  out  aberrant  results  for  movies  that  opened  to  little  critical  fanfare 
—  online  or  offline  —  yet  went  on  to  great  success:  “Chicago"  and  “My  Big  Fat 
Greek  Wedding"  being  two  examples. 

"Sleeper  movies  tend  to  blossom  more  slowly,  so  first-week  ratings  cannot 
always  predict  their  subsequent  trajectory,"  Dellarocas  says.  "However,  we  spec¬ 
ulate  that  the  poor  performance  of  our  model  for  sleeper  movies  is  partly  due  to 
the  fact  that  the  mix  of  movies  that  we  used  to  ’train’  the  model  consisted  mostly 
of  blockbuster  movies.  We  believe  that  conceptually  the  model  is  very  much 
applicable  to  sleeper  movies.” 

One  interesting  finding  in  the  analysis  was  that  the  correlation  between  online 
reviews  and  a  film's  box-office  performance  was  found  to  be  stronger  for  reviews 
offered  by  women  than  their  male  counterparts. 

What's  up  with  that? 

"We’re  not  sure  at  this  point,"  he  says.  "YahooMovies  users  are  75%  male,  25% 
female.  One  hypothesis  is  that  women  who  participate  in  online  forums  are  on  the 
average  better  educated  and  more  thoughtful  than  the  average  male  user." 

Want  to  review  this  column ?  The  address  is  buzz@nww.com. 


Keep  one  eye  on  performance 
and  the  other  on  your  budget. 


AMD£1 


Introducing  the  new  HP  ProLiant  DL145  server  featuring  the  performance-boosting  AMD  Opteron™  processor. 

You  can  now  unleash  greater  server  performance  even  as  you  rein  in  spending.  Our  new  HP  ProLiant  DL145  server  turns  up  the  dial  on  32-bit  performance, 
owing  to  the  lightning-quick  memory  access  of  the  AMD  Opteron  processors.  Setup  is  simple.  And  based  on  industry  standards,  the  DL145  is  exceedingly 
flexible  and  scalable  to  fit  seamlessly  into  your  network,  now  and  many  quarters  down  the  road.  When  you  need  technology  solutions  that  work  harder 
within  your  budget,  demand  more  affordability  and  more  performance,  from  HP. 


HP  ProLiant  DL145 
SERVER 

$1,599 

1  xl.60GHz  AMD  Opteron  processor 
expandable  to  2  x  2.20GHz 
1GB  PC2700  DDR  SDRAM  expandable 
to  16GB 

Integrated  dual  port  10/100/1000  NICs 
1  40GB  ATA  hard  disk  drive 
1  PCI-X  64-bit/133MHz  slot 
1-Year  Limited  Global  Warranty 


invent 


To  learn  more  about  how  the  HP  ProLiant  DL145  can  give  you  an  affordable 
performance  boost,  go  to  www.hp.com/go/ProLiantAMD5  or  call  1-877-726-8112. 


Prices  shown  are  HP  direct  prices;  reseller  and  retail  prices  may  vary.  Prices  shown  are  subject  to  change  and  do  not  include  applicable  state  and  local  taxes  or  shipping  to  recipient's  address.  For  hard  drives,  GB=billion  bytes.  Certain  warranty  restrictions  i 
For  complete  warranty  details,  call  1-800-345-1518  (U.S.).AII  featured  offers  available  in  U.S.  only.  AMD.  the  AMD  Arrow  Logo,  AMD  Opteron  and  combinations  thereof  are  trademarks  of  Advanced  Micro  Devices,  Inc.  ©2004  Hewlett-Packard  De.ioe  , 
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i  want  to  Stop  focusing  on  what’s  attacking  my  servers, 


and  Start  focusing  on  attacking  new  markets. 


Start  expanding  securely  with  Intrusion  Prevention  Solutions  from  McAfee  Security. 


By  combining  System  Protection  and  Network  Protection  Solutions,  the  McAfee®  Security  Protection-in-Depth  strategy  secures  your 
business  from  the  desktop,  to  the  network,  to  the  server — the  mission-critical  heart  of  your  IT  infrastructure.  Add  our  Intrusion  Prevention 
technologies  and  you  can  start  preventing  known  and  unknown  threats  rather  than  merely  detecting  them.  Which  means  you  can  think  a 
little  less  about  security,  and  more  about  securing  new  markets.  Start  today  at  start.mcafeesecurity.com 


Network  Associates.  McAfee,  and  Protection -m- Depth  are  registered  trademarks  dr  trademarks  oi  Network  Associates,  Inc  and/or  its  a  ff  ill  at  es  in  tire  US  and/ofotHe:f  couhtfie's- 
Ali  other  registered  and  unregistered  trademarks  herein  are  the  sole  property  of  their  respective  owners  r:  2004  Networks  Associates  Technology;  lii'c,  Alt  R igh ts  !fi e Serv'ed • 


Network  Associates 


Because  security  is  not  just  about  what  you  can  stop. 


